| Page(s) : 1 ... 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 [1198] 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 ... | Result(s) : 43698 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2018-04-17 | CVE-2018-10191 | cve | In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c::mrb_vm_exec() when handling OP_GETUPVAR in the presence of deep scope nesting, resulting ... |
| 9.8 | 2018-04-17 | CVE-2018-10192 | cve | IPVanish 3.0.11 for macOS suffers from a root privilege escalation vulnerability. The `com.ipvanish.osx.vpnhelper` LaunchDaemon implements an insecure XPC service that could all... |
| 9.8 | 2018-04-17 | CVE-2018-6797 | cve | An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written. |
| 9.8 | 2018-04-17 | CVE-2018-6913 | cve | Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count. |
| 9.8 | 2018-04-17 | CVE-2018-7539 | cve | On Appear TV XC5000 and XC5100 devices with firmware 3.26.217, it is possible to read OS files with a specially crafted HTTP request (such as GET /../../../../../../../../../../... |
| 9.8 | 2018-04-17 | CVE-2018-8733 | cve | Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an unauthenticated attacker to make configuration changes an... |
| 9.8 | 2018-04-17 | CVE-2018-8734 | cve | SQL injection vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary SQL commands via the selInfoKey1 pa... |
| 9.8 | 2018-04-16 | CVE-2018-10106 | cve | D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have permission bypass and information disclosure in /htdocs/web/getcfg.php, as demons... |
| 9.8 | 2018-04-16 | CVE-2018-10133 | cve | PbootCMS v0.9.8 allows PHP code injection via an IF label in index.php/About/6.html or admin.php/Site/index.html, related to the parserIfLabel function in \apps\home\controller\... |
| 9.8 | 2018-04-16 | CVE-2018-10169 | cve | ProtonVPN 1.3.3 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "ProtonVPN Service" service. This service establishes an NetNamedPipe endpoint t... |
| 9.8 | 2018-04-16 | CVE-2018-10170 | cve | NordVPN 6.12.7.0 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "nordvpn-service" service. This service establishes an NetNamedPipe endpoint th... |
| 9.3 | 2018-04-15 | GLSA-201804-12 | Gentoo | Go: Arbitrary code execution |
| 9.8 | 2018-04-13 | CVE-2017-0356 | cve | A flaw, similar to to CVE-2016-9646, exists in ikiwiki before 3.20170111, in the passwordauth plugin's use of CGI::FormBuilder, allowing an attacker to bypass authenticatio... |
| 9.8 | 2018-04-13 | CVE-2017-0357 | cve | A heap-overflow flaw exists in the -tr loader of iucode-tool starting with v1.4 and before v2.1.1, potentially leading to SIGSEGV, or heap corruption. |
| 9.8 | 2018-04-13 | CVE-2017-0359 | cve | diffoscope before 77 writes to arbitrary locations on disk based on the contents of an untrusted archive. |
| 9.8 | 2018-04-13 | CVE-2017-0372 | cve | Parameters injection in the SyntaxHighlight extension of Mediawiki before 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities. |
| 9.8 | 2018-04-13 | CVE-2018-10081 | cve | CMS Made Simple (CMSMS) through 2.2.6 contains an admin password reset vulnerability because data values are improperly compared, as demonstrated by a hash beginning with the "0... |
| 9.8 | 2018-04-13 | CVE-2018-10085 | cve | CMS Made Simple (CMSMS) through 2.2.6 allows PHP object injection because of an unserialize call in the _get_data function of \lib\classes\internal\class.LoginOperations.php. By... |
| 9.8 | 2018-04-13 | CVE-2018-5506 | cve | In F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.1, 11.5.1-11.5.5, or 11.2.1 the Apache modules apache_auth_token_mod and mod_auth_f5_auth_token.cpp allow possible unauthenticated brute... |
| 9.8 | 2018-04-13 | CVE-2018-6546 | cve | plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, executes code at a user-defined (local... |
| Page(s) : 1 ... 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 [1198] 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 ... | Result(s) : 43698 |
