| Page(s) : 1 2 3 4 5 6 7 [8] 9 10 11 12 13 14 15 16 17 18 ... | Result(s) : 39738 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2024-02-08 | CVE-2024-24018 | cve | A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass in crafted offset, limit, and sort parameters to perform SQL injection via... |
| 9.8 | 2024-02-08 | CVE-2024-24023 | cve | A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. An attacker can pass specially crafted offset, limit, and sort parameters to perform SQL injection via /... |
| 9.8 | 2024-02-08 | CVE-2024-24024 | cve | An arbitrary File download vulnerability exists in Novel-Plus v4.3.0-RC1 and prior at com.java2nb.common.controller.FileController: fileDownload(). An attacker can pass in speci... |
| 9.8 | 2024-02-08 | CVE-2024-24025 | cve | An arbitrary File upload vulnerability exists in Novel-Plus v4.3.0-RC1 and prior at com.java2nb.common.controller.FileController: upload(). An attacker can pass in specially cra... |
| 9.8 | 2024-02-08 | CVE-2024-24026 | cve | An arbitrary File upload vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions at com.java2nb.system.controller.SysUserController: uploadImg(). An attacker can pass i... |
| 9.8 | 2024-02-08 | CVE-2024-22394 | cve | An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentic... |
| 9.8 | 2024-02-08 | CVE-2024-24003 | cve | jshERP v3.3 is vulnerable to SQL Injection. The com.jsh.erp.controller.DepotHeadController: com.jsh.erp.utils.BaseResponseInfo findInOutMaterialCount() function of jshERP does n... |
| 9.8 | 2024-02-08 | CVE-2024-24014 | cve | A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass crafted offset, limit, and sort parameters to perform SQL injection via /n... |
| 9.8 | 2024-02-08 | CVE-2024-24017 | cve | A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass crafted offset, limit, and sort parameters to perform SQL injection via /c... |
| 9.8 | 2024-02-08 | CVE-2024-24021 | cve | A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. An attacker can pass specially crafted offset, limit, and sort parameters to perform SQL injection via /... |
| 9.8 | 2024-02-08 | CVE-2024-24202 | cve | An arbitrary file upload vulnerability in /upgrade/control.php of ZenTao Community Edition v18.10, ZenTao Biz v8.10, and ZenTao Max v4.10 allows attackers to execute arbitrary c... |
| 9.8 | 2024-02-07 | CVE-2023-38995 | cve | An issue in SCHUHFRIED v.8.22.00 allows remote attacker to obtain the database password via crafted curl command. |
| 9.8 | 2024-02-07 | CVE-2024-24811 | cve | SQLAlchemyDA is a generic database adapter for ZSQL methods. A vulnerability found in versions prior to 2.2 allows unauthenticated execution of arbitrary SQL statements on the d... |
| 9.8 | 2024-02-07 | CVE-2023-32328 | cve | IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances that could allow an attacker on the network to take control of the server. IBM X-... |
| 9.8 | 2024-02-07 | CVE-2023-32330 | cve | IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an attacker on the network to take control of the server. IBM X-Force ID: 254977. |
| 9.8 | 2024-02-07 | CVE-2024-24563 | cve | Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. Arrays can be keyed by a signed integer, while they are defined for unsigned integers only. The typ... |
| 9.1 | 2024-02-07 | CVE-2024-24822 | cve | Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. Prior to version 1.3.3, an attacker can create, delete etc. tags without having the permission... |
| 9.8 | 2024-02-07 | CVE-2024-24133 | cve | Atmail v6.6.0 was discovered to contain a SQL injection vulnerability via the username parameter on the login page. |
| 9.8 | 2024-02-07 | CVE-2024-24186 | cve | Jsish v3.5.0 (commit 42c694c) was discovered to contain a stack-overflow via the component IterGetKeysCallback at /jsish/src/jsiValue.c. |
| 9.8 | 2024-02-07 | CVE-2024-24188 | cve | Jsish v3.5.0 was discovered to contain a heap-buffer-overflow in ./src/jsiUtils.c. |
| Page(s) : 1 2 3 4 5 6 7 [8] 9 10 11 12 13 14 15 16 17 18 ... | Result(s) : 39738 |
