| Page(s) : 1 ... 6 7 8 9 10 11 12 13 14 15 [16] 17 18 19 20 21 22 23 24 25 26 ... | Result(s) : 187646 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2021-04-28 | CVE-2021-31864 | cve | Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the add_issue_notes permission requirement by leveraging the incoming mail handler. |
| N/A | 2021-04-28 | CVE-2021-31863 | cve | Insufficient input validation in the Git repository integration of Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows Redmine users to read arbitrary local ... |
| N/A | 2021-04-28 | CVE-2021-31779 | cve | The yoast_seo (aka Yoast SEO) extension before 7.2.1 for TYPO3 allows SSRF via a backend user account. |
| N/A | 2021-04-28 | CVE-2021-27648 | cve | Externally controlled reference to a resource in another sphere in quarantine functionality in Synology Antivirus Essential before 1.4.8-2801 allows remote authenticated users t... |
| N/A | 2021-04-28 | CVE-2021-31777 | cve | The dce (aka Dynamic Content Element) extension 2.2.0 through 2.6.x before 2.6.2, and 2.7.x before 2.7.1, for TYPO3 allows SQL Injection via a backend user account. |
| N/A | 2021-04-28 | CVE-2021-31778 | cve | The media2click (aka 2 Clicks for External Media) extension 1.x before 1.3.3 for TYPO3 allows XSS by a backend user account. |
| 6.1 | 2021-04-28 | CVE-2021-27933 | cve | pfSense 2.5.0 allows XSS via the services_wol_edit.php Description field. |
| N/A | 2021-04-28 | CVE-2021-31856 | cve | A SQL Injection vulnerability in the REST API in Layer5 Meshery 0.5.2 allows an attacker to execute arbitrary SQL commands via the /experimental/patternfiles endpoint (order par... |
| N/A | 2021-04-28 | CVE-2021-31815 | cve | GAEN (aka Google/Apple Exposure Notifications) through 2021-04-27 on Android allows attackers to obtain sensitive information, such as a user's location history, in-person ... |
| N/A | 2021-04-28 | CVE-2021-3511 | cve | Disclosure of sensitive information to an unauthorized user vulnerability in Buffalo broadband routers (BHR-4GRV firmware Ver.1.99 and prior, DWR-HP-G300NH firmware Ver.1.83 and... |
| N/A | 2021-04-28 | CVE-2020-36326 | cve | PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose beca... |
| N/A | 2021-04-28 | CVE-2021-3512 | cve | Improper access control vulnerability in Buffalo broadband routers (BHR-4GRV firmware Ver.1.99 and prior, DWR-HP-G300NH firmware Ver.1.83 and prior, HW-450HP-ZWE firmware Ver.1.... |
| N/A | 2021-04-28 | CVE-2021-20716 | cve | Hidden functionality in multiple Buffalo network devices (BHR-4RV firmware Ver.2.55 and prior, FS-G54 firmware Ver.2.04 and prior, WBR2-B11 firmware Ver.2.32 and prior, WBR2-G54... |
| N/A | 2021-04-27 | CVE-2021-29441 | cve | Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, when configured to use authentication (-Dnaco... |
| N/A | 2021-04-27 | CVE-2021-29460 | cve | Kirby is an open source CMS. An editor with write access to the Kirby Panel can upload an SVG file that contains harmful content like `` tags. The direct link to that file can b... |
| N/A | 2021-04-27 | CVE-2021-30128 | cve | Apache OFBiz has unsafe deserialization prior to 17.12.07 version |
| N/A | 2021-04-27 | CVE-2021-29200 | cve | Apache OFBiz has unsafe deserialization prior to 17.12.07 version An unauthenticated user can perform an RCE attack |
| N/A | 2021-04-27 | CVE-2021-29476 | cve | Requests is a HTTP library written in PHP. Requests mishandles deserialization in FilteredIterator. The issue has been patched and users of `Requests` 1.6.0, 1.6.1 and 1.7.0 sho... |
| N/A | 2021-04-27 | CVE-2021-29472 | cve | Composer is a dependency manager for PHP. URLs for Mercurial repositories in the root composer.json and package source download URLs are not sanitized correctly. Specifically cr... |
| N/A | 2021-04-27 | CVE-2021-29442 | cve | Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, the ConfigOpsController lets the user perform... |
| Page(s) : 1 ... 6 7 8 9 10 11 12 13 14 15 [16] 17 18 19 20 21 22 23 24 25 26 ... | Result(s) : 187646 |
