| Page(s) : 1 ... 17 18 19 20 21 22 23 24 25 26 [27] 28 29 30 31 32 33 34 35 36 37 ... | Result(s) : 89823 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.5 | 2024-02-08 | CVE-2024-23756 | cve | The HTTP PUT and DELETE methods are enabled in the Plone official Docker version 5.2.13 (5221), allowing unauthenticated attackers to execute dangerous actions such as uploading... |
| 7.8 | 2024-02-08 | CVE-2023-25365 | cve | Cross Site Scripting vulnerability found in October CMS v.3.2.0 allows local attacker to execute arbitrary code via the file type .mp3 |
| 8.8 | 2024-02-08 | CVE-2023-27001 | cve | An issue discovered in Egerie Risk Manager v4.0.5 allows attackers to bypass the signature mechanism and tamper with the values inside the JWT payload resulting in privilege esc... |
| 8.8 | 2024-02-08 | CVE-2023-40265 | cve | An issue was discovered in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42 P911. It allows authenticated remote code execution via file upload. |
| 8.8 | 2024-02-08 | CVE-2023-47020 | cve | Multiple Cross-Site Request Forgery (CSRF) chaining in NCR Terminal Handler v.1.5.1 allows privileges to be escalated by an attacker through a crafted request involving user acc... |
| 7.5 | 2024-02-08 | CVE-2023-6517 | cve | Exposure of Sensitive Information Due to Incompatible Policies vulnerability in Mia Technology Inc. MIA-MED allows Collect Data as Provided by Users.This issue affects MIA-MED: ... |
| 7.5 | 2024-02-08 | CVE-2023-6518 | cve | Plaintext Storage of a Password vulnerability in Mia Technology Inc. MIA-MED allows Read Sensitive Strings Within an Executable.This issue affects MIA-MED: before 1.0.7. |
| 7.5 | 2024-02-08 | CVE-2023-6519 | cve | Exposure of Data Element to Wrong Session vulnerability in Mia Technology Inc. MIA-MED allows Read Sensitive Strings Within an Executable.This issue affects MIA-MED: before 1.0.... |
| 8 | 2024-02-08 | CVE-2024-0985 | cve | Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intend... |
| 8.8 | 2024-02-08 | CVE-2024-24113 | cve | xxl-job =< 2.4.1 has a Server-Side Request Forgery (SSRF) vulnerability, which causes low-privileged users to control executor to RCE. |
| 7.5 | 2024-02-08 | CVE-2024-23452 | cve | Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.5~1.7.0 on all platforms allows attacker to smuggle request. Vulnerability Cause Description: The http_parser... |
| 8.8 | 2024-02-08 | CVE-2023-6515 | cve | Authorization Bypass Through User-Controlled Key vulnerability in Mia Technology Inc. MIA-MED allows Authentication Abuse.This issue affects MIA-MED: before 1.0.7. |
| 8.8 | 2024-02-08 | CVE-2024-24350 | cve | File Upload vulnerability in Software Publico e-Sic Livre v.2.0 and before allows a remote attacker to execute arbitrary code via the extension filtering component. |
| 8.1 | 2024-02-08 | CVE-2024-25148 | cve | In Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and older unsupported versions the `doA... |
| 7.5 | 2024-02-07 | CVE-2023-6356 | cve | A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, ... |
| 7.5 | 2024-02-07 | CVE-2023-6535 | cve | A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, ... |
| 7.5 | 2024-02-07 | CVE-2023-6536 | cve | A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, ... |
| 7.5 | 2024-02-07 | CVE-2024-23448 | cve | An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain p... |
| 7.3 | 2024-02-07 | CVE-2024-24806 | cve | libuv is a multi-platform support library with a focus on asynchronous I/O. The `uv_getaddrinfo` function in `src/unix/getaddrinfo.c` (and its windows counterpart `src/win/getad... |
| 7.8 | 2024-02-07 | CVE-2024-22012 | cve | there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User inte... |
| Page(s) : 1 ... 17 18 19 20 21 22 23 24 25 26 [27] 28 29 30 31 32 33 34 35 36 37 ... | Result(s) : 89823 |
