| Page(s) : 1 ... 60 61 62 63 64 65 66 67 68 69 [70] 71 72 73 74 75 76 77 78 79 80 ... | Result(s) : 39741 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2023-11-18 | CVE-2023-43177 | cve | CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes. |
| 9.8 | 2023-11-18 | CVE-2023-48028 | cve | kodbox 1.46.01 has a security flaw that enables user enumeration. This problem is present on the login page, where an attacker can identify valid users based on varying response... |
| 9.8 | 2023-11-17 | CVE-2023-6188 | cve | A vulnerability was found in GetSimpleCMS 3.3.16/3.4.0a. It has been rated as critical. This issue affects some unknown processing of the file /admin/theme-edit.php. The manipul... |
| 9.8 | 2023-11-17 | CVE-2023-44324 | cve | Adobe FrameMaker Publishing Server versions 2022 and earlier are affected by an Improper Authentication vulnerability that could result in a Security feature bypass. An unauthen... |
| 9.8 | 2023-11-17 | CVE-2023-44350 | cve | Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code e... |
| 9.8 | 2023-11-17 | CVE-2023-44351 | cve | Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code e... |
| 9.8 | 2023-11-17 | CVE-2023-44353 | cve | Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code e... |
| 9.8 | 2023-11-17 | CVE-2023-38316 | cve | An issue was discovered in OpenNDS Captive Portal before version 10.1.2. When the custom unescape callback is enabled, attackers can execute arbitrary OS commands by inserting t... |
| 9.8 | 2023-11-17 | CVE-2023-41101 | cve | An issue was discovered in the captive portal in OpenNDS before version 10.1.3. get_query in http_microhttpd.c does not validate the length of the query string of GET requests. ... |
| 9.8 | 2023-11-17 | CVE-2023-45387 | cve | In the module "Product Catalog (CSV, Excel, XML) Export PRO" (exportproducts) in versions up to 5.0.0 from MyPrestaModules for PrestaShop, a guest can perform SQL injection via ... |
| 9.8 | 2023-11-17 | CVE-2023-48031 | cve | OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the comment function, an attacker can bypass security restrictions and upload a .bat fi... |
| 9.8 | 2023-11-17 | CVE-2023-48648 | cve | Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized access because directories can be created with insecure permissions. File creation functions (such as the Mkd... |
| 9.8 | 2023-11-17 | CVE-2023-48655 | cve | An issue was discovered in MISP before 2.4.176. app/Controller/Component/IndexFilterComponent.php does not properly filter out query parameters. |
| 9.8 | 2023-11-17 | CVE-2023-48656 | cve | An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles order clauses. |
| 9.8 | 2023-11-17 | CVE-2023-48657 | cve | An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles filters. |
| 9.8 | 2023-11-17 | CVE-2023-48658 | cve | An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php lacks a checkParam function for alphanumerics, underscore, dash, period, and space. |
| 9.8 | 2023-11-17 | CVE-2023-48659 | cve | An issue was discovered in MISP before 2.4.176. app/Controller/AppController.php mishandles parameter parsing. |
| 9.8 | 2023-11-17 | CVE-2023-48078 | cve | SQL Injection vulnerability in add.php in Simple CRUD Functionality v1.0 allows attackers to run arbitrary SQL commands via the 'title' parameter. |
| 9.8 | 2023-11-16 | CVE-2023-6014 | cve | An attacker is able to arbitrarily create an account in MLflow bypassing any authentication requirment. |
| 9.8 | 2023-11-16 | CVE-2023-6016 | cve | An attacker is able to gain remote code execution on a server hosting the H2O dashboard through it's POJO model import feature. |
| Page(s) : 1 ... 60 61 62 63 64 65 66 67 68 69 [70] 71 72 73 74 75 76 77 78 79 80 ... | Result(s) : 39741 |
