| Page(s) : 1 ... 995 996 997 998 999 1000 1001 1002 1003 1004 [1005] 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 ... | Result(s) : 43591 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2019-09-09 | CVE-2019-16184 | cve | A CSV injection vulnerability was found in Limesurvey before 3.17.14 that allows survey participants to inject commands via their survey responses that will be included in the e... |
| 9.8 | 2019-09-09 | CVE-2019-12405 | cve | Improper authentication is possible in Apache Traffic Control versions 3.0.0 and 3.0.1 if LDAP is enabled for login in the Traffic Ops API component. Given a username for a user... |
| 9.8 | 2019-09-09 | CVE-2018-21013 | cve | The Swape theme before 1.2.1 for WordPress has incorrect access control, as demonstrated by allowing new administrator accounts via vectors involving xmlPath to wp-admin/admin-a... |
| 9.8 | 2019-09-09 | CVE-2019-16192 | cve | upload_model() in /admini/controllers/system/managemodel.php in DocCms 2016.5.17 allow remote attackers to execute arbitrary PHP code through module management files, as demonst... |
| 9.8 | 2019-09-09 | CVE-2019-16139 | cve | An issue was discovered in the compact_arena crate before 0.4.0 for Rust. Generativity is mishandled, leading to an out-of-bounds write or read. |
| 9.8 | 2019-09-09 | CVE-2019-16142 | cve | An issue was discovered in the renderdoc crate before 0.5.0 for Rust. Multiple exposed methods take self by immutable reference, which is incompatible with a multi-threaded appl... |
| 9.8 | 2019-09-08 | CVE-2019-16125 | cve | In Jobberbase 2.0, the parameter category is not sanitized in public/page_subscribe.php, leading to /subscribe SQL injection. |
| 9.8 | 2019-09-08 | CVE-2019-16119 | cve | SQL injection in the photo-gallery (10Web Photo Gallery) plugin before 1.5.35 for WordPress exists via the admin/controllers/Albumsgalleries.php album_id parameter. |
| 9.8 | 2019-09-08 | CVE-2019-16102 | cve | Silver Peak EdgeConnect SD-WAN before 8.1.7.x has an SNMP service with a public value for rocommunity and trapcommunity. |
| 9.8 | 2019-09-08 | CVE-2019-16124 | cve | In YouPHPTube 7.4, the file install/checkConfiguration.php has no access control, which leads to everyone being able to edit the configuration file, and insert malicious PHP code. |
| 9.8 | 2019-09-07 | CVE-2019-16092 | cve | Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c. |
| 9.8 | 2019-09-07 | CVE-2019-16093 | cve | Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c. |
| 10 | 2019-09-07 | GLSA-201909-06 | Gentoo | Exim: Multiple vulnerabilities |
| 9.8 | 2019-09-06 | CVE-2019-16060 | cve | The Airbrake Ruby notifier 4.2.3 for Airbrake mishandles the blacklist_keys configuration option and consequently may disclose passwords to unauthorized actors. This is fixed in... |
| 9.8 | 2019-09-06 | CVE-2019-10891 | cve | An issue was discovered in D-Link DIR-806 devices. There is a command injection in function hnap_main, which calls system() without checking the parameter that can be controlled... |
| 9.8 | 2019-09-06 | CVE-2019-11926 | cve | Insufficient boundary checks when processing M_SOFx markers from JPEG headers in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invali... |
| 9.8 | 2019-09-06 | CVE-2016-7398 | cve | A type confusion vulnerability in the merge_param() function of php_http_params.c in PHP's pecl-http extension 3.1.0beta2 (PHP 7) and earlier as well as 2.6.0beta2 (PHP 5) ... |
| 9.8 | 2019-09-06 | CVE-2019-9855 | cve | LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is laun... |
| 9.8 | 2019-09-06 | CVE-2019-11925 | cve | Insufficient boundary checks when processing the JPEG APP12 block marker in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invalid JPE... |
| 9.8 | 2019-09-06 | CVE-2019-10892 | cve | An issue was discovered in D-Link DIR-806 devices. There is a stack-based buffer overflow in function hnap_main at /htdocs/cgibin. The function will call sprintf without checkin... |
| Page(s) : 1 ... 995 996 997 998 999 1000 1001 1002 1003 1004 [1005] 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 ... | Result(s) : 43591 |
