Page(s) : 1 ... 58 59 60 61 62 63 64 65 66 67 [68] 69 70 71 72 73 74 75 76 77 78 ... Result(s) : 39724

Alerts Feed Alerts

| SEVERITY | DATE | NAME | CATEGORIES | DETAIL |
|---|---|---|---|---|
| 9.8 | 2023-11-21 | CVE-2023-48699 | cve | fastbots is a library for fast bot and scraper development using selenium and the Page Object Model (POM) design. Prior to version 0.1.5, an attacker could modify the locators.i... |
| 9.8 | 2023-11-21 | CVE-2023-48228 | cve | authentik is an open-source identity provider. When initialising a oauth2 flow with a `code_challenge` and `code_method` (thus requesting PKCE), the single sign-on provider (aut... |
| 9.8 | 2023-11-21 | CVE-2023-48230 | cve | Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a bu... |
| 9.8 | 2023-11-21 | CVE-2023-49105 | cve | An issue was discovered in ownCloud owncloud/core before 10.13.1. An attacker can access, modify, or delete any file without authentication if the username of a victim is known,... |
| 9.8 | 2023-11-21 | CVE-2023-6248 | cve | The Syrus4 IoT gateway utilizes an unsecured MQTT server to download and execute arbitrary commands, allowing a remote unauthenticated attacker to execute code on any Syrus4 dev... |
| 9.8 | 2023-11-21 | CVE-2023-49060 | cve | An attacker could have accessed internal pages or data by ex-filtrating a security key from ReaderMode via the `referrerpolicy` attribute. This vulnerability affects Firefox for... |
| 9.8 | 2023-11-21 | CVE-2023-5055 | cve | Possible variant of CVE-2021-3434 in function le_ecred_reconf_req. |
| 9.8 | 2023-11-21 | CVE-2023-4149 | cve | A vulnerability in the web-based management allows an unauthenticated remote attacker to inject arbitrary system commands and gain full system control. Those commands are execut... |
| 9.8 | 2023-11-21 | CVE-2023-42770 | cve | Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same mess... |
| 9.8 | 2023-11-21 | CVE-2023-40151 | cve | When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enable... |
| 9.8 | 2023-11-20 | CVE-2023-38880 | cve | The Community Edition version 9.0 of OS4ED's openSIS Classic has a broken access control vulnerability in the database backup functionality. Whenever an admin generates a d... |
| 9.8 | 2023-11-20 | CVE-2023-5340 | cve | The Five Star Restaurant Menu and Food Ordering WordPress plugin before 2.4.11 unserializes user input via an AJAX action available to unauthenticated users, allowing them to pe... |
| 9.8 | 2023-11-20 | CVE-2023-5640 | cve | The Article Analytics WordPress plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users... |
| 9.8 | 2023-11-20 | CVE-2023-5652 | cve | The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks, as well as does not escape user input before using it in a SQL statement of a fun... |
| 9.8 | 2023-11-20 | CVE-2023-38823 | cve | Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd. |
| 9.8 | 2023-11-20 | CVE-2023-46990 | cve | Deserialization of Untrusted Data in PublicCMS v.4.0.202302.e allows a remote attacker to execute arbitrary code via a crafted script to the writeReplace function. |
| 9.8 | 2023-11-20 | CVE-2023-48176 | cve | An Insecure Permissions issue in WebsiteGuide v.0.2 allows a remote attacker to gain escalated privileges via crafted jwt (JSON web token). |
| 9.8 | 2023-11-20 | CVE-2023-29155 | cve | Versions of INEA ME RTU firmware 3.36b and prior do not require authentication to the "root" account on the host system of the device. This could allow an attacker to obtain ad... |
| 9.8 | 2023-11-20 | CVE-2023-35762 | cve | Versions of INEA ME RTU firmware 3.36b and prior are vulnerable to operating system (OS) command injection, which could allow remote code execution. |
| 9.8 | 2023-11-20 | CVE-2022-46337 | cve | A cleverly devised username might bypass LDAP authentication checks. In LDAP-authenticated Derby installations, this could let an attacker fill up the disk by creating junk De... |