| Page(s) : [1] 2 3 4 5 6 7 8 9 10 11 ... | Result(s) : 171161 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2021-09-25 | CVE-2021-21742 | cve | There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain... |
| N/A | 2021-09-24 | CVE-2020-20508 | cve | Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted p... |
| N/A | 2021-09-24 | CVE-2020-20514 | cve | A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/.html allows authenticated attackers to delete all users. |
| N/A | 2021-09-24 | CVE-2021-22868 | cve | A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used b... |
| N/A | 2021-09-24 | CVE-2021-22869 | cve | An improper access control vulnerability in GitHub Enterprise Server allowed a workflow job to execute in a self-hosted runner group it should not have had access to. This affec... |
| N/A | 2021-09-24 | CVE-2021-35313 | cve | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. ... |
| 7.8 | 2021-09-24 | CVE-2021-2464 | cve | Vulnerability in Oracle Linux (component: OSwatcher). Supported versions that are affected are 7 and 8. Easily exploitable vulnerability allows low privileged attacker with logo... |
| N/A | 2021-09-24 | CVE-2021-39246 | cve | Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack that can compromise the privacy of visits to v2 onion addresses. If --log or --verbose is used, ex... |
| N/A | 2021-09-24 | CVE-2021-41503 | cve | ** UNSUPPORTED WHEN ASSIGNED ** DCS-5000L v1.05 and DCS-932L v2.17 and older are affecged by Incorrect Acess Control. The use of the basic authentication for the devices command... |
| N/A | 2021-09-24 | CVE-2021-41504 | cve | ** UNSUPPORTED WHEN ASSIGNED ** An Elevated Privileges issue exists in D-Link DCS-5000L v1.05 and DCS-932L v2.17 and older. The use of the digest-authentication for the devices ... |
| N/A | 2021-09-24 | CVE-2016-6555 | cve | OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP trap supplied data. By creating a malicious SNMP trap, an attacker ca... |
| N/A | 2021-09-24 | CVE-2016-6556 | cve | OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP agent supplied data. By creating a malicious SNMP 'sysName'... |
| N/A | 2021-09-24 | CVE-2021-40654 | cve | An information disclosure issue exist in D-LINK-DIR-615 B2 2.01mt. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page |
| N/A | 2021-09-24 | CVE-2021-40655 | cve | An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. An attacker can obtain a user name and password by forging a post request to the / getcfg.p... |
| N/A | 2021-09-24 | CVE-2021-40099 | cve | An issue was discovered in Concrete CMS through 8.5.5. Fetching the update json scheme over HTTP leads to remote code execution. |
| N/A | 2021-09-24 | CVE-2021-40100 | cve | An issue was discovered in Concrete CMS through 8.5.5. Stored XSS can occur in Conversations when the Active Conversation Editor is set to Rich Text. |
| N/A | 2021-09-24 | CVE-2021-40102 | cve | An issue was discovered in Concrete CMS through 8.5.5. Arbitrary File deletion can occur via PHAR deserialization in is_dir (PHP Object Injection associated with the __wakeup ma... |
| N/A | 2021-09-24 | CVE-2021-41586 | cve | In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially reset the system user password. |
| N/A | 2021-09-24 | CVE-2021-41587 | cve | In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can potentially discover credentials for other resources. |
| N/A | 2021-09-24 | CVE-2021-41588 | cve | In Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary unsafe Java objects. The attacker must have the encryption and signing keys. |
| Page(s) : [1] 2 3 4 5 6 7 8 9 10 11 ... | Result(s) : 171161 |
