| Page(s) : 1 ... 106 107 108 109 110 111 112 113 114 115 [116] 117 118 119 120 121 122 123 124 125 126 ... | Result(s) : 43231 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2024-09-11 | CVE-2024-27113 | cve | An unauthenticated Insecure Direct Object Reference (IDOR) to the database has been found in the SO Planning tool that occurs when the public view setting is enabled. An attacke... |
| 9.8 | 2024-09-11 | CVE-2024-27114 | cve | A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. If the public view setting is enabled, a attacker can upload a PHP-... |
| 9.8 | 2024-09-11 | CVE-2024-27115 | cve | A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. With this vulnerability, an attacker can upload executable files th... |
| 9.8 | 2024-09-11 | CVE-2024-44466 | cve | COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parame... |
| 9.8 | 2024-09-11 | CVE-2024-45790 | cve | This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing restrictions for excessive failed authentication attempts on its API based login. A remote attacker cou... |
| 9.8 | 2024-09-11 | CVE-2024-6091 | cve | A vulnerability in significant-gravitas/autogpt version 0.5.1 allows an attacker to bypass the shell commands denylist settings. The issue arises when the denylist is configured... |
| 9.8 | 2024-09-11 | CVE-2024-8277 | cve | The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.3.13.2. This is due to the plugin not p... |
| 9.8 | 2024-09-10 | CVE-2024-45409 | cve | The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in |
| 9.8 | 2024-09-10 | CVE-2024-8191 | cve | SQL injection in the management console of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution. |
| 9.8 | 2024-09-10 | CVE-2023-36103 | cve | Command Injection vulnerability in goform/SetIPTVCfg interface of Tenda AC15 V15.03.05.20 allows remote attackers to run arbitrary commands via crafted POST request. |
| 9.8 | 2024-09-10 | CVE-2023-37234 | cve | Loftware Spectrum through 4.6 has unprotected JMX Registry. |
| 9.8 | 2024-09-10 | CVE-2024-44677 | cve | eladmin v2.7 and before is vulnerable to Server-Side Request Forgery (SSRF) which allows an attacker to execute arbitrary code via the DatabaseController.java component. |
| 9.8 | 2024-09-10 | CVE-2024-45595 | cve | D-Tale is a visualizer for Pandas data structures. Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the serve... |
| 9.8 | 2024-09-10 | CVE-2024-21416 | cve | Windows TCP/IP Remote Code Execution Vulnerability |
| 9.8 | 2024-09-10 | CVE-2024-37341 | cve | Microsoft SQL Server Elevation of Privilege Vulnerability |
| 9.8 | 2024-09-10 | CVE-2024-37980 | cve | Microsoft SQL Server Elevation of Privilege Vulnerability |
| 9.9 | 2024-09-10 | CVE-2024-38194 | cve | An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network. |
| 9 | 2024-09-10 | CVE-2024-38216 | cve | Azure Stack Hub Elevation of Privilege Vulnerability |
| 9.8 | 2024-09-10 | CVE-2024-38225 | cve | Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability |
| 9.8 | 2024-09-10 | CVE-2024-38240 | cve | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability |
| Page(s) : 1 ... 106 107 108 109 110 111 112 113 114 115 [116] 117 118 119 120 121 122 123 124 125 126 ... | Result(s) : 43231 |
