| Page(s) : 1 ... 46 47 48 49 50 51 52 53 54 55 [56] 57 58 59 60 61 62 63 64 65 66 ... | Result(s) : 39744 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2023-12-13 | CVE-2023-6723 | cve | An unrestricted file upload vulnerability has been identified in Repbox, which allows an attacker to upload malicious files via the transforamationfileupload function, due to th... |
| 9.8 | 2023-12-13 | CVE-2023-42495 | cve | Dasan Networks - W-Web versions 1.22-1.27 - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') |
| 9.8 | 2023-12-13 | CVE-2023-6756 | cve | A vulnerability was found in Thecosy IceCMS 2.0.1. It has been classified as problematic. Affected is an unknown function of the file /login of the component Captcha Handler. Th... |
| 9.8 | 2023-12-13 | CVE-2023-47577 | cve | An issue discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 allows for unauthorized password changes due to no check for current password. |
| 9.1 | 2023-12-12 | CVE-2023-48225 | cve | Laf is a cloud development platform. Prior to version 1.0.0-beta.13, the control of LAF app enV is not strict enough, and in certain scenarios of privatization environment, it m... |
| 9.8 | 2023-12-12 | CVE-2023-50252 | cve | php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when handling `` tag that references an `` tag, it merges the attributes from the `` tag to the `... |
| 9.8 | 2023-12-12 | CVE-2023-46454 | cve | In GL.iNET GL-AR300M routers with firmware v4.3.7, it is possible to inject arbitrary shell commands through a crafted package name in the package information functionality. |
| 9.8 | 2023-12-12 | CVE-2023-46456 | cve | In GL.iNET GL-AR300M routers with firmware 3.216 it is possible to inject arbitrary shell commands through the OpenVPN client file upload functionality. |
| 9.8 | 2023-12-12 | CVE-2023-6593 | cve | Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a... |
| 9.8 | 2023-12-12 | CVE-2013-2513 | cve | The flash_tool gem through 0.6.0 for Ruby allows command execution via shell metacharacters in the name of a downloaded file. |
| 9.8 | 2023-12-12 | CVE-2023-43364 | cve | main.py in Searchor before 2.4.2 uses eval on CLI input, which may cause unexpected code execution. |
| 9.8 | 2023-12-12 | CVE-2023-48427 | cve | A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). Affected products do not properly validate the certificate of the configured UMC server. Thi... |
| 9.8 | 2023-12-12 | CVE-2023-41117 | cve | An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS) before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. ... |
| 9.1 | 2023-12-12 | CVE-2023-36649 | cve | Insertion of sensitive information in the centralized (Grafana) logging system in ProLion CryptoSpike 3.0.15P2 allows remote attackers to impersonate other users in web manageme... |
| 9.4 | 2023-12-12 | CVE-2023-49581 | cve | SAP GUI for Windows and SAP GUI for Java allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerab... |
| 9.8 | 2023-12-12 | CVE-2023-49583 | cve | SAP BTP Security Services Integration Library ([Node.js] @sap/xssec - versions < 3.6.0, allow under certain conditions an escalation of privileges. On successful exploitation, a... |
| 9.8 | 2023-12-12 | CVE-2023-50422 | cve | SAP BTP Security Services Integration Library ([Java] cloud-security-services-integration-library) - versions below 2.17.0 and versions from 3.0.0 to before 3.3.0, allow under c... |
| 9.8 | 2023-12-12 | CVE-2023-50423 | cve | SAP BTP Security Services Integration Library ([Python] sap-xssec) - versions < 4.1.0, allow under certain conditions an escalation of privileges. On successful exploitation, an... |
| 9.8 | 2023-12-12 | CVE-2023-50424 | cve | SAP BTP Security Services Integration Library ([Golang] github.com/sap/cloud-security-client-go) - versions < 0.17.0, allow under certain conditions an escalation of privileges.... |
| 9.8 | 2023-12-11 | CVE-2023-50245 | cve | OpenEXR-viewer is a viewer for OpenEXR files with detailed metadata probing. Versions prior to 0.6.1 have a memory overflow vulnerability. This issue is fixed in version 0.6.1. |
| Page(s) : 1 ... 46 47 48 49 50 51 52 53 54 55 [56] 57 58 59 60 61 62 63 64 65 66 ... | Result(s) : 39744 |
