| Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ... | Result(s) : 129287 |
Alerts
| Date | Name | Categories | Detail | |
|---|---|---|---|---|
| 7.5 | 2019-09-18 | CVE-2019-9677 | cve | The specific fields of CGI interface of some Dahua products are not strictly verified, an attacker can cause a buffer overflow by constructing malicious packets. Affected produc... |
| N/A | 2019-09-18 | CVE-2019-14458 | cve | VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header. |
| N/A | 2019-09-18 | CVE-2019-1975 | cve | A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack on an affe... |
| 7.5 | 2019-09-18 | CVE-2019-16399 | cve | Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. An attacker... |
| 5.8 | 2019-09-18 | CVE-2019-15843 | cve | A malicious file upload vulnerability was discovered in Xiaomi Millet mobile phones 1-6.3.9.3. A man-in-the-middle attacker could write files or read privileged data. |
| 7.5 | 2019-09-18 | CVE-2019-14254 | cve | An issue was discovered in the secure portal in Publisure 2.1.2. Because SQL queries are not well sanitized, there are multiple SQL injections in userAccFunctions.php functions.... |
| 6.4 | 2019-09-18 | CVE-2019-14253 | cve | An issue was discovered in servletcontroller in the secure portal in Publisure 2.1.2. One can bypass authentication and perform a query on PHP forms within the /AdminDir folder ... |
| 6.5 | 2019-09-18 | CVE-2019-14252 | cve | An issue was discovered in the secure portal in Publisure 2.1.2. Once successfully authenticated as an administrator, one is able to inject arbitrary PHP code by using the admin... |
| 5 | 2019-09-18 | CVE-2019-12620 | cve | A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to inject arbitrary values on an affected device... |
| 4 | 2019-09-18 | CVE-2018-1847 | cve | IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) v2.0.0.0 through 2.0.0.5, v2.1.0.0 through 2.1.0.4, v2.1.1.0 through 2.1.1.4, and v3.0.0.0 through 3.0.0.8 could ... |
| 6.5 | 2019-09-18 | CVE-2019-16403 | cve | In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other customers. |
| 3.5 | 2019-09-18 | CVE-2019-16216 | cve | Zulip server before 2.0.5 incompletely validated the MIME types of uploaded files. A user who is logged into the server could upload files of certain types to mount a stored cro... |
| 4 | 2019-09-18 | CVE-2019-16215 | cve | The Markdown parser in Zulip server before 2.0.5 used a regular expression vulnerable to exponential backtracking. A user who is logged into the server could send a crafted mess... |
| 7.5 | 2019-09-18 | CVE-2016-10995 | cve | The Tevolution plugin before 2.3.0 for WordPress has arbitrary file upload via single_upload.php or single-upload.php. |
| 4.3 | 2019-09-18 | CVE-2016-10994 | cve | The Truemag theme 2016 Q2 for WordPress has XSS via the s parameter. |
| 7.5 | 2019-09-17 | CVE-2019-6840 | cve | A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server... |
| 6.5 | 2019-09-17 | CVE-2019-6839 | cve | An Improper Access Control: CWE-284 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion... |
| 5.5 | 2019-09-17 | CVE-2019-6838 | cve | An Improper Access Control: CWE-284 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion... |
| 6.4 | 2019-09-17 | CVE-2019-6837 | cve | A Server-Side Request Forgery (SSRF): CWE-918 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 ... |
| 5 | 2019-09-17 | CVE-2019-6836 | cve | An Improper Access Control: CWE-284 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion... |
| Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ... | Result(s) : 129287 |
