Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 2 3 4 [5] 6 7 8 9 10 11 12 13 14 15 ...Result(s) : 146231

Alerts Feed Alerts

DateNameCategoriesDetail
N/A2019-05-24CVE-2018-12624cve An issue was discovered in Eventum 3.5.0. /htdocs/post_note.php has XSS via the garlic_prefix parameter.
N/A2019-05-24CVE-2017-18375cve Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php.
N/A2019-05-24CVE-2016-10759cve The Xinha plugin in Precurio 2.1 allows Directory Traversal, with resultant arbitrary code execution, via ExtendedFileManager/Classes/ExtendedFileManager.php because ExtendedFil...
N/A2019-05-24CVE-2016-10758cve PHPKIT 1.6.6 allows arbitrary File Upload, as demonstrated by a .php file to pkinc/admin/mediaarchive.php and pkinc/func/default.php via the image_name parameter.
N/A2019-05-24CVE-2016-10757cve In Redaxo 5.2.0, the cron management of the admin panel suffers from CSRF that leads to arbitrary Remote Code Execution via addons/cronjob/lib/types/phpcode.php.
N/A2019-05-24CVE-2016-10756cve Kliqqi 3.0.0.5 allows CSRF with resultant Arbitrary File Upload because module.php?module=upload can be used to configure the uploading of .php files, and then modules/upload/up...
N/A2019-05-24CVE-2016-10755cve AbanteCart 1.2.8 allows SQL Injection via the source_language parameter to admin/controller/pages/localisation/language.php and core/lib/language_manager.php, or via POST data t...
N/A2019-05-24CVE-2016-10754cve modules/Calendar/Activity.php in Vtiger CRM 6.5.0 allows SQL injection via the contactidlist parameter.
N/A2019-05-24CVE-2016-10753cve e107 2.1.2 allows PHP Object Injection with resultant SQL injection, because usersettings.php uses unserialize without an HMAC.
N/A2019-05-24CVE-2016-10752cve serendipity_moveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a ren...
N/A2019-05-24CVE-2016-10751cve osClass 3.6.1 allows oc-admin/plugins.php Directory Traversal via the plugin parameter. This is exploitable for remote PHP code execution because an administrator can upload an ...
7.52019-05-24DSA-4452Debian jackson-databind security update
52019-05-24DSA-4451Debian thunderbird security update
N/A2019-05-24CVE-2019-8346cve In Zoho ManageEngine ADSelfService Plus 5.x through 5704, an authorization.do cross-site Scripting (XSS) vulnerability allows for an unauthenticated manipulation of the JavaScri...
N/A2019-05-24CVE-2019-2726cve Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite (subcomponent: Services Integration). The supported version that is affe...
N/A2019-05-24CVE-2019-2250cve Kernel can write to arbitrary memory address passed by user while freeing/stopping a thread in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...
N/A2019-05-24CVE-2019-2248cve Buffer overflow can occur if invalid header tries to overwrite the existing buffer which fix size allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Sna...
N/A2019-05-24CVE-2019-2247cve Possibility of double free issue while running multiple instances of smp2p test because of proper protection is missing while using global variable in Snapdragon Auto, Snapdrago...
N/A2019-05-24CVE-2019-2245cve Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to read from input buffer in Snapdragon Aut...
N/A2019-05-24CVE-2019-2244cve Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to read from input buffer in Snapdragon A...
Page(s) : 1 2 3 4 [5] 6 7 8 9 10 11 12 13 14 15 ...Result(s) : 146231