| Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ... | Result(s) : 144499 |
Alerts
| Date | Name | Categories | Detail | |
|---|---|---|---|---|
| 9.3 | 2019-04-22 | CVE-2019-11416 | cve | A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user. |
| 7.8 | 2019-04-22 | CVE-2019-11415 | cve | An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON mi... |
| 4.3 | 2019-04-22 | CVE-2019-11414 | cve | An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains a... |
| 5 | 2019-04-22 | CVE-2019-11413 | cve | An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match function in regexp.c lacks a depth check. |
| 5 | 2019-04-22 | CVE-2019-11412 | cve | An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call. |
| 7.5 | 2019-04-22 | CVE-2019-11411 | cve | An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations in jsnumber.c have a stack-based buffer overflow. |
| N/A | 2019-04-22 | CVE-2019-11405 | cve | OpenAPI Tools OpenAPI Generator before 4.0.0-20190419.052012-560 uses http:// URLs in various build.gradle, build.gradle.mustache, and build.sbt files, which may have caused ins... |
| N/A | 2019-04-22 | CVE-2019-11404 | cve | arrow-kt Arrow before 0.9.0 resolved Gradle build artifacts (for compiling and building the published JARs) over HTTP instead of HTTPS. Any of these dependent artifacts could ha... |
| N/A | 2019-04-22 | CVE-2019-11403 | cve | In Gradle Enterprise before 2018.5.2, Build Cache Nodes would reflect the configured password back when viewing the HTML page source of the settings page. |
| N/A | 2019-04-22 | CVE-2019-11402 | cve | In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in an encrypted format. |
| N/A | 2019-04-22 | CVE-2019-11401 | cve | A issue was discovered in SiteServer CMS 6.9.0. It allows remote attackers to execute arbitrary code because an administrator can add the permitted file extension .aassp, which ... |
| 7.5 | 2019-04-22 | CVE-2019-11395 | cve | A buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long string, as demonstrated by SMTP RCPT TO, POP3 USER, POP3 LIST, POP3 TOP, or PO... |
| N/A | 2019-04-22 | CVE-2019-11393 | cve | An issue was discovered in /admin/users/update in M/Monit before 3.7.3. It allows unprivileged users to escalate their privileges to an administrator by requesting a password ch... |
| N/A | 2019-04-22 | CVE-2019-11244 | cve | In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by --cache-dir (defaulting to $HOME/.kube/http-cache), written with world-writeable perm... |
| N/A | 2019-04-22 | CVE-2019-11243 | cve | In Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientConfig() method returns a copy of the provided config, with credentials removed (bearer token, username/passwo... |
| N/A | 2019-04-22 | CVE-2019-11235 | cve | FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve ... |
| 7.5 | 2019-04-22 | CVE-2019-11234 | cve | FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497. |
| N/A | 2019-04-22 | CVE-2018-20818 | cve | A buffer overflow vulnerability was discovered in the OpenPLC controller, in the OpenPLC_v2 and OpenPLC_v3 versions. It occurs in the modbus.cpp mapUnusedIO() function, which ca... |
| N/A | 2019-04-22 | CVE-2016-1587 | cve | The Snapweb interface before version 0.21.2 was exposing controls to install or remove snap packages without controlling the identity of the user, nor the origin of the connecti... |
| N/A | 2019-04-22 | CVE-2016-1586 | cve | A malicious webview could install long-lived unload handlers that re-use an incognito BrowserContext that is queued for destruction in versions of Oxide before 1.18.3. |
| Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ... | Result(s) : 144499 |
