| Page(s) : 1 ... 6 7 8 9 10 11 12 13 14 15 [16] 17 18 19 20 21 22 23 24 25 26 ... | Result(s) : 179026 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2020-11-19 | CVE-2020-9049 | cve | A vulnerability in specified versions of American Dynamics victor Web Client and Software House C•CURE Web Client could allow an unauthenticated attacker on the network to creat... |
| N/A | 2020-11-19 | CVE-2020-6879 | cve | Some ZTE devices have input verification vulnerabilities. The devices support configuring a static prefix through the web management page. The restriction of the front-end code ... |
| 5.4 | 2020-11-19 | CVE-2020-4718 | cve | IBM Jazz Reporting Service 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the... |
| N/A | 2020-11-19 | CVE-2020-4701 | cve | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a... |
| 6.1 | 2020-11-19 | CVE-2020-28947 | cve | In MISP 2.4.134, XSS exists in the template element index view because the id parameter is mishandled. |
| N/A | 2020-11-19 | CVE-2020-28942 | cve | An issue exists in PrimeKey EJBCA before 7.4.3 when enrolling with EST while proxied through an RA over the Peers protocol. As a part of EJBCA's domain security model, the ... |
| N/A | 2020-11-19 | CVE-2020-28054 | cve | JamoDat TSMManager Collector version up to 6.5.0.21 is vulnerable to an Authorization Bypass because the Collector component is not properly validating an authenticated session ... |
| N/A | 2020-11-19 | CVE-2020-25703 | cve | The participants table download in Moodle always included user emails, but should have only done so when users' emails are not hidden. Versions affected: 3.9 to 3.9.2, 3.8 ... |
| N/A | 2020-11-19 | CVE-2020-25702 | cve | In Moodle, it was possible to include JavaScript when re-naming content bank items. Versions affected: 3.9 to 3.9.2. This is fixed in moodle 3.9.3 and 3.10. |
| N/A | 2020-11-19 | CVE-2020-25701 | cve | If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment met... |
| N/A | 2020-11-19 | CVE-2020-25700 | cve | In moodle, some database module web services allowed students to add entries within groups they did not belong to. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3... |
| N/A | 2020-11-19 | CVE-2020-25699 | cve | In moodle, insufficient capability checks could lead to users with the ability to course restore adding additional capabilities to roles within that course. Versions affected: 3... |
| N/A | 2020-11-19 | CVE-2020-25698 | cve | Users' enrollment capabilities were not being sufficiently checked in Moodle when they are restored into an existing course. This could lead to them unenrolling users witho... |
| 6.1 | 2020-11-19 | CVE-2020-22394 | cve | In YzmCMS v5.5 the member contribution function in the editor contains a cross-site scripting (XSS) vulnerability. |
| N/A | 2020-11-19 | CVE-2020-12510 | cve | The default installation path of the TwinCAT XAR 3.1 software in all versions is underneath C:\TwinCAT. If the directory does not exist it and further subdirectories are created... |
| N/A | 2020-11-19 | CVE-2020-12496 | cve | Endress+Hauser Ecograph T (Neutral/Private Label) (RSG35, ORSG35) and Memograph M (Neutral/Private Label) (RSG45, ORSG45) with Firmware version V2.0.0 and above is prone to expo... |
| N/A | 2020-11-19 | CVE-2020-12495 | cve | Endress+Hauser Ecograph T (Neutral/Private Label) (RSG35, ORSG35) with Firmware version prior to V2.0.0 is prone to improper privilege management. The affected device has a web-... |
| N/A | 2020-11-19 | CVE-2020-11831 | cve | OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected product is com.oppo.ovoicemanager V2.0.1. |
| N/A | 2020-11-19 | CVE-2020-11830 | cve | QualityProtect has a vulnerability to execute arbitrary system commands, affected product is com.oppo.qualityprotect V2.0. |
| N/A | 2020-11-19 | CVE-2020-11829 | cve | Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.0_5493e40_200722. |
| Page(s) : 1 ... 6 7 8 9 10 11 12 13 14 15 [16] 17 18 19 20 21 22 23 24 25 26 ... | Result(s) : 179026 |
