Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ...Result(s) : 147593

Alerts Feed Alerts

DateNameCategoriesDetail
92019-06-18CVE-2018-18852cve Cerio DT-300N 1.1.6 through 1.1.12 devices allow OS command injection because of improper input validation of the web-interface PING feature's use of Save.cgi to execute a ...
52019-06-18CVE-2018-18839cve ** DISPUTED ** An issue was discovered in Netdata 1.10.0. Full Path Disclosure (FPD) exists via api/v1/alarms. NOTE: the vendor says "is intentional."
52019-06-18CVE-2018-18838cve An issue was discovered in Netdata 1.10.0. Log Injection (or Log Forgery) exists via a %0a sequence in the url parameter to api/v1/registry.
N/A2019-06-18CVE-2018-18837cve An issue was discovered in Netdata 1.10.0. HTTP Header Injection exists via the api/v1/data filename parameter because of web_client_api_request_v1_data in web/api/web_api_v1.c.
4.32019-06-18CVE-2018-18836cve An issue was discovered in Netdata 1.10.0. JSON injection exists via the api/v1/data tqx parameter because of web_client_api_request_v1_data in web/api/web_api_v1.c.
6.82019-06-18CVE-2018-18802cve The Tubigan "Welcome to our Resort" 1.0 software allows CSRF via admin/mod_users/controller.php?action=edit.
52019-06-18CVE-2019-7159cve OX App Suite 7.10.1 and earlier allows Information Exposure.
4.32019-06-18CVE-2019-6965cve An XSS issue was discovered in i-doit Open 1.12 via the src/tools/php/qr/qr.php url parameter.
4.32019-06-18CVE-2019-12823cve Craft CMS 3.1.30 has XSS.
N/A2019-06-18CVE-2019-10998cve An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) before 2019.0 LTS and AXC F 2152 STARTERKIT (No.1046568) before 2019.0 LTS devices. Unlimited physical access ...
N/A2019-06-18CVE-2018-20013cve In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::ProcessPacket metadata_...
6.52019-06-17CVE-2019-12868cve app/Model/Server.php in MISP 2.4.109 allows remote command execution by a super administrator because the PHP file_exists function is used with user-controlled entries, and phar...
52019-06-17CVE-2019-8323cve An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side...
52019-06-17CVE-2019-8322cve An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is...
52019-06-17CVE-2019-8321cve An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteraction#verbose calls say without escaping, escape sequence injection is possible.
7.52019-06-17CVE-2019-7158cve OX App Suite 7.10.0 and earlier has Incorrect Access Control.
N/A2019-06-17CVE-2019-5017cve An exploitable information disclosure vulnerability exists in the KCodes NetUSB.ko kernel module that enables the ReadySHARE Printer functionality of at least two NETGEAR Nighth...
N/A2019-06-17CVE-2019-5016cve An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighth...
4.32019-06-17CVE-2019-12865cve In radare2 through 3.5.1, cmd_mount in libr/core/cmd_mount.c has a double free for the ms command.
6.82019-06-17CVE-2018-19450cve A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) 5.4.0.1031 when parsing a launch action. An attacker can leverage this to gain remote...
Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ...Result(s) : 147593