Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ...Result(s) : 130797

Alerts Feed Alerts

DateNameCategoriesDetail
N/A2019-10-16CVE-2016-11014cve NETGEAR JNR1010 devices before 1.0.0.32 have Incorrect Access Control because the ok value of the auth cookie is a special case.
N/A2019-10-15CVE-2019-13392cve A reflected Cross-Site Scripting (XSS) vulnerability in MindPalette NateMail 3.0.15 allows an attacker to execute remote JavaScript in a victim's browser via a specially cr...
N/A2019-10-15CVE-2019-17613cve qibosoft 7 allows remote code execution because do/jf.php makes eval calls. The attacker can use the Point Introduction Management feature to supply PHP code to be evaluated. Al...
N/A2019-10-15CVE-2019-17612cve An issue was discovered in 74CMS v5.2.8. There is a SQL Injection generated by the _list method in the Common/Controller/BackendController.class.php file via the index.php?m=Adm...
N/A2019-10-15CVE-2019-17602cve An issue was discovered in Zoho ManageEngine OpManager before 12.4 build 124089. The OPMDeviceDetailsServlet servlet is prone to SQL injection. Depending on the configuration, t...
N/A2019-10-15CVE-2019-17601cve In MiniShare 1.4.1, there is a stack-based buffer overflow via an HTTP CONNECT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018...
N/A2019-10-15CVE-2019-17398cve In the Dark Horse Comics application 1.3.21 for Android, token information (equivalent to the username and password) is stored in the log during authentication, and may be avail...
N/A2019-10-15CVE-2019-17396cve In the PowerSchool Mobile application 1.1.8 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
N/A2019-10-15CVE-2019-17395cve In the Rapid Gator application 0.7.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
N/A2019-10-15CVE-2019-17394cve In the Seesaw Parent and Family application 6.2.5 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
N/A2019-10-15CVE-2019-17356cve The Infinite Design application 3.4.12 for Android sends a username and password via TCP without any encryption during login, as demonstrated by sniffing of a public Wi-Fi network.
N/A2019-10-15CVE-2019-17355cve In the Orbitz application 19.31.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
N/A2019-10-15CVE-2019-14832cve A flaw was found in the Keycloak REST API before version 8.0.0 where it would permit user access from a realm the user was not configured. An authenticated attacker with knowled...
N/A2019-10-15CVE-2017-1002201cve In haml versions prior to version 5.0.0.beta.2, when using user input to perform tasks on the server, characters like < > " ' must be escaped properly. In this case, the &#...
102019-10-15CVE-2019-17600cve Intelbras IWR 1000N 1.6.4 devices allows disclosure of the administrator login name and password because v1/system/user is mishandled.
52019-10-15CVE-2019-17397cve In the DoorDash application through 11.5.2 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.
N/A2019-10-15CVE-2019-17195cve Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) o...
N/A2019-10-15CVE-2019-12944cve Glue Smart Lock 2.7.8 devices do not properly block guest access in certain situations where the network connection is unavailable.
6.52019-10-15CVE-2019-10760cve safer-eval before 1.3.2 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code.
6.52019-10-15CVE-2019-10759cve safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code.
Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ...Result(s) : 130797