| Page(s) : 1 ... 6 7 8 9 10 11 12 13 14 15 [16] 17 18 19 20 21 22 23 24 25 26 ... | Result(s) : 221739 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.2 | 2022-09-21 | CVE-2022-36386 | cve | Authenticated Arbitrary Code Execution vulnerability in Soflyy Import any XML or CSV File to WordPress plugin |
| 5.4 | 2022-09-21 | CVE-2022-36390 | cve | Authenticated (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Totalsoft Event Calendar – Calendar plugin |
| 5.4 | 2022-09-21 | CVE-2022-38073 | cve | Multiple Authenticated (custom specific plugin role) Persistent Cross-Site Scripting (XSS) vulnerability in Awesome Support plugin |
| 4.3 | 2022-09-21 | CVE-2022-3233 | cve | Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6. |
| 7.2 | 2022-09-21 | CVE-2022-40217 | cve | Authenticated (admin+) Arbitrary File Edit/Upload vulnerability in XplodedThemes WPide plugin |
| N/A | 2022-09-21 | CVE-2022-35895 | cve | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The FwBlockSericceSmm driver does not properly validate input parameters for a software SMI routine, lea... |
| 7.5 | 2022-09-21 | CVE-2022-2265 | cve | The Identity and Directory Management System developed by Çekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability. This has been fi... |
| 9.8 | 2022-09-21 | CVE-2022-37026 | cve | In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, an... |
| 5.3 | 2022-09-21 | CVE-2019-5641 | cve | Rapid7 InsightVM suffers from an information exposure issue whereby, when the user's session has ended due to inactivity, an attacker can use the Inspect Element browser fe... |
| 5.4 | 2022-09-21 | CVE-2022-37246 | cve | Craft CMS 4.2.0.1 is affected by Cross Site Scripting (XSS) in the file src/web/assets/cp/src/js/BaseElementSelectInput.js and in specific on the line label: elementInfo.label. |
| 5.4 | 2022-09-21 | CVE-2022-41224 | cve | Jenkins 2.367 through 2.369 (both inclusive) does not escape tooltips of the l:helpIcon UI component used for some help icons on the Jenkins web UI, resulting in a stored cross-... |
| 5.4 | 2022-09-21 | CVE-2022-41225 | cve | Jenkins Anchore Container Image Scanner Plugin 1.0.24 and earlier does not escape content provided by the Anchore engine API, resulting in a stored cross-site scripting (XSS) vu... |
| 9.8 | 2022-09-21 | CVE-2022-41226 | cve | Jenkins Compuware Common Configuration Plugin 1.0.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. |
| 8.8 | 2022-09-21 | CVE-2022-41227 | cve | A cross-site request forgery (CSRF) vulnerability in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers to connect to an attacker-spec... |
| 8.8 | 2022-09-21 | CVE-2022-41228 | cve | A missing permission check in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers with Overall/Read permissions to connect to an attack... |
| 5.4 | 2022-09-21 | CVE-2022-41229 | cve | Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.134 and earlier does not escape configuration options of the Execute NetStorm/NetCloud Test build step, resulting in... |
| 4.3 | 2022-09-21 | CVE-2022-41230 | cve | Jenkins Build-Publisher Plugin 1.22 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to obtain names and URLs... |
| 5.7 | 2022-09-21 | CVE-2022-41231 | cve | Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins controller file system by... |
| 8 | 2022-09-21 | CVE-2022-41232 | cve | A cross-site request forgery (CSRF) vulnerability in Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers to replace any config.xml file on the Jenkins controller fi... |
| 4.3 | 2022-09-21 | CVE-2022-41233 | cve | Jenkins Rundeck Plugin 3.6.11 and earlier does not perform Run/Artifacts permission checks in multiple HTTP endpoints, allowing attackers with Item/Read permission to obtain inf... |
| Page(s) : 1 ... 6 7 8 9 10 11 12 13 14 15 [16] 17 18 19 20 21 22 23 24 25 26 ... | Result(s) : 221739 |
