Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 2 3 4 5 6 7 8 9 10 11 [12] 13 14 15 16 17 18 19 20 21 22 ... Result(s) : 173172

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
6.5 2020-07-29 CVE-2020-2078 cve Passwords are stored in plain text within the configuration of SICK Package Analytics software up to and including V04.1.1. An authorized attacker could access these stored plai...
7.5 2020-07-29 CVE-2020-2077 cve SICK Package Analytics software up to and including version V04.0.0 are vulnerable due to incorrect default permissions settings. An unauthorized attacker could read sensitive d...
9.8 2020-07-29 CVE-2020-2076 cve SICK Package Analytics software up to and including version V04.0.0 are vulnerable to an authentication bypass by directly interfacing with the REST API. An attacker can send un...
6.1 2020-07-29 CVE-2020-16095 cve The dlf (aka Kitodo.Presentation) extension before 3.1.2 for TYPO3 allows XSS.
7.7 2020-07-29 CVE-2020-15125 cve In auth0 (npm package) versions before 2.27.1, a DenyList of specific keys that should be sanitized from the request object contained in the error object is used. The key for Au...
8.1 2020-07-29 CVE-2020-15099 cve In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and greater than or equal to 10.0.0 and less than 10.4.6, in a case where an attacker manages to generate a val...
8.8 2020-07-29 CVE-2020-15098 cve In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and greater than or equal to 10.0.0 and less than 10.4.6, it has been discovered that an internal verification ...
9.8 2020-07-29 CVE-2020-15086 cve In TYPO3 installations with the "mediace" extension from version 7.6.2 and before version 7.6.5, it has been discovered that an internal verification mechanism can be used to ge...
8.8 2020-07-29 CVE-2020-14488 cve OpenClinic GA 5.09.02 and 5.89.05b does not properly verify uploaded files, which may allow a low-privilege user to upload and execute arbitrary files on the system.
9.8 2020-07-29 CVE-2020-14487 cve OpenClinic GA 5.09.02 contains a hidden default user account that may be accessed if an administrator has not expressly turned off this account, which may allow an attacker to l...
8.8 2020-07-29 CVE-2020-14486 cve An attacker may bypass permission/authorization checks in OpenClinic GA 5.09.02 and 5.89.05b by ignoring the redirect of a permission failure, which may allow unauthorized execu...
8.8 2020-07-29 CVE-2020-13699 cve TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers. A malicious website could launch TeamViewer with arbitrary parameters, as demonstra...
5.9 2020-07-29 CVE-2020-11934 cve It was discovered that snapctl user-open allowed altering the $XDG_DATA_DIRS environment variable when calling the system xdg-open. OpenURL() in usersession/userd/launcher.go wo...
6.8 2020-07-29 CVE-2020-11933 cve cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud...
6.7 2020-07-29 VU#174059 VU-CERT GRUB2 bootloader is vulnerable to buffer overflow
6.5 2020-07-29 CVE-2020-9692 cve Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
9.6 2020-07-29 CVE-2020-9691 cve Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. Successful exploitation could lead to arbitrary code execution.
4.2 2020-07-29 CVE-2020-9690 cve Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification...
6.5 2020-07-29 CVE-2020-9689 cve Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a path traversal vulnerability. Successful exploitation could lead to arbitrary code execution.
9.8 2020-07-29 CVE-2020-7698 cve This affects the package Gerapy from 0 and before 0.9.3. The input being passed to Popen, via the project_configure endpoint, isn’t being sanitized.
Page(s) : 1 2 3 4 5 6 7 8 9 10 11 [12] 13 14 15 16 17 18 19 20 21 22 ... Result(s) : 173172