| Page(s) : [1] 2 3 4 5 6 7 8 9 10 11 ... | Result(s) : 198303 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2021-10-27 | CVE-2011-4124 | cve | Input validation issues were found in Calibre at devices/linux_mount_helper.c which can lead to argument injection and elevation of privileges. |
| N/A | 2021-10-27 | CVE-2011-4125 | cve | A untrusted search path issue was found in Calibre at devices/linux_mount_helper.c leading to the ability of unprivileged users to execute any program as root. |
| N/A | 2021-10-27 | CVE-2011-4126 | cve | Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged users the ability to mount any device to anywhere. |
| N/A | 2021-10-27 | CVE-2011-4574 | cve | PolarSSL versions prior to v1.1 use the HAVEGE random number generation algorithm. At its heart, this uses timing information based on the processor's high resolution timer... |
| N/A | 2021-10-27 | CVE-2020-7867 | cve | An improper input validation vulnerability in Helpu solution could allow a local attacker to arbitrary file creation and execution without click file transfer menu. It is possib... |
| N/A | 2021-10-27 | CVE-2021-26610 | cve | The move_uploaded_file function in godomall5 does not perform an integrity check of extension or authority when user upload file. This vulnerability allows an attacker to execut... |
| N/A | 2021-10-27 | CVE-2021-32951 | cve | WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by... |
| N/A | 2021-10-27 | CVE-2021-35233 | cve | The HTTP TRACK & TRACE methods were enabled in Kiwi Syslog Server 9.7.1 and earlier. These methods are intended for diagnostic purposes only. If enabled, the web server will res... |
| N/A | 2021-10-27 | CVE-2021-35235 | cve | The ASP.NET debug feature is enabled by default in Kiwi Syslog Server 9.7.2 and previous versions. ASP.NET allows remote debugging of web applications, if configured to do so. D... |
| N/A | 2021-10-27 | CVE-2021-35236 | cve | The Secure flag is not set in the SSL Cookie of Kiwi Syslog Server 9.7.2 and previous versions. The Secure attribute tells the browser to only send the cookie if the request is ... |
| N/A | 2021-10-27 | CVE-2021-37122 | cve | There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the ser... |
| N/A | 2021-10-27 | CVE-2021-37124 | cve | There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special c... |
| N/A | 2021-10-27 | CVE-2021-37127 | cve | There is a signature management vulnerability in some huawei products. An attacker can forge signature and bypass the signature check. During firmware update process, successful... |
| N/A | 2021-10-27 | CVE-2021-37129 | cve | There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Succe... |
| N/A | 2021-10-27 | CVE-2021-37130 | cve | There is a path traversal vulnerability in Huawei FusionCube 6.0.2.The vulnerability is due to that the software uses external input to construct a pathname that is intended to ... |
| N/A | 2021-10-27 | CVE-2021-37131 | cve | There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit this vulnerability through some operat... |
| N/A | 2021-10-27 | CVE-2021-38450 | cve | The affected controllers do not properly sanitize the input containing code syntax. As a result, an attacker could craft code to alter the intended controller flow of the software. |
| N/A | 2021-10-26 | CVE-2020-22864 | cve | A cross site scripting (XSS) vulnerability in the Insert Video function of Froala WYSIWYG Editor 3.1.0 allows attackers to execute arbitrary web scripts or HTML. |
| N/A | 2021-10-26 | CVE-2021-23877 | cve | Privilege escalation vulnerability in the Windows trial installer of McAfee Total Protection (MTP) prior to 16.0.34_x may allow a local user to run arbitrary code as the admin u... |
| N/A | 2021-10-26 | CVE-2021-41866 | cve | MyBB before 1.8.28 allows stored XSS because the displayed Template Name value in the Admin CP's theme management is not escaped properly. |
| Page(s) : [1] 2 3 4 5 6 7 8 9 10 11 ... | Result(s) : 198303 |
