Alerts

| Severity | Date | Name | Categories | Detail |
|---|---|---|---|---|
| 7.5 | 2017-10-30 | CVE-2014-0073 | cve | The CDVInAppBrowser class in the Apache Cordova In-App-Browser standalone plugin (org.apache.cordova.inappbrowser) before 0.3.2 for iOS and the In-App-Browser plugin for iOS fro... |
| 7.5 | 2017-10-30 | CVE-2013-4366 | cve | http/impl/client/HttpClientBuilder.java in Apache HttpClient 4.3.x before 4.3.1 does not ensure that X509HostnameVerifier is not null, which allows attackers to have unspecified... |
| 7.5 | 2017-10-30 | CVE-2012-4449 | cve | Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a 20-bit secret when Kerberos security features are enabled, which makes it ea... |
| 7.2 | 2017-10-30 | CVE-2017-9450 | cve | The Amazon Web Services (AWS) CloudFormation bootstrap tools package (aka aws-cfn-bootstrap) before 1.4-19.10 allows local users to execute arbitrary code with root privileges b... |
| 7.5 | 2017-10-30 | CVE-2015-3249 | cve | The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possi... |
| 7.5 | 2017-10-30 | CVE-2014-3624 | cve | Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by leveraging failure to properly tunnel remap requests using CONNECT. |
| 7.8 | 2017-10-30 | CVE-2014-0115 | cve | Directory traversal vulnerability in the log viewer in Apache Storm 0.9.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to log. |
| 7.5 | 2017-10-30 | CVE-2012-5358 | cve | The XSLTCompiledTransform function in Ektron Content Management System (CMS) before 8.02 SP5 configures the XSL with enableDocumentFunction set to true, which allows remote atta... |
| 7.5 | 2017-10-30 | CVE-2012-5357 | cve | Ektron Content Management System (CMS) before 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true, which allows remote attackers to execute arbitrary code... |
| 7.8 | 2017-10-30 | CVE-2012-0881 | cve | Apache Xerces2 Java allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML service, which triggers hash table collisions. |
| 7.5 | 2017-10-29 | CVE-2017-16228 | cve | Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a rel... |
| 7.5 | 2017-10-29 | GLSA-201710-32 | Gentoo | Apache: Multiple vulnerabilities |
| 7.2 | 2017-10-29 | DSA-4009 | Debian | shadowsocks-libev security update |
| 7.5 | 2017-10-29 | GLSA-201710-29 | Gentoo | Asterisk: Multiple vulnerabilities |
| 7.5 | 2017-10-29 | GLSA-201710-28 | Gentoo | Jython: Arbitrary code execution |
| 7.5 | 2017-10-29 | CVE-2017-15994 | cve | rsync 3.1.3-development before 2017-10-24, as used in the xlucas svfs rsync fork and other products, mishandles archaic checksums, which makes it easier for remote attackers to ... |
| 7.5 | 2017-10-29 | CVE-2017-15976 | cve | ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604. |
| 7.5 | 2017-10-29 | CVE-2017-15975 | cve | Vastal I-Tech Dating Zone 0.9.9 allows SQL Injection via the 'product_id' to add_to_cart.php, a different vulnerability than CVE-2008-4461. |
| 7.5 | 2017-10-29 | CVE-2017-15974 | cve | tPanel 2009 allows SQL injection for Authentication Bypass via 'or 1=1 or ''=' to login.php. |
| 7.5 | 2017-10-29 | CVE-2017-15973 | cve | Sokial Social Network Script 1.0 allows SQL Injection via the id parameter to admin/members_view.php. |