| Page(s) : 1 ... 186 187 188 189 190 191 192 193 194 195 [196] 197 198 199 200 201 202 203 204 205 206 ... | Result(s) : 43289 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2024-02-09 | CVE-2023-46687 | cve | In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could execute arbitrary commands in root context from a remote compu... |
| 9.8 | 2024-02-09 | CVE-2023-49716 | cve | In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an authenticated user with network access could run arbitrary commands from a remote computer. |
| 9.8 | 2024-02-08 | CVE-2023-47132 | cve | An issue discovered in N-able N-central before 2023.6 and earlier allows attackers to gain escalated privileges via API calls. |
| 9.8 | 2024-02-08 | CVE-2024-0242 | cve | Under certain circumstances IQ Panel4 and IQ4 Hub panel software prior to version 4.4.2 could allow unauthorized access to settings. |
| 9.8 | 2024-02-08 | CVE-2024-22836 | cve | An OS command injection vulnerability exists in Akaunting v3.1.3 and earlier. An attacker can manipulate the company locale when installing an app to execute system commands on ... |
| 9.8 | 2024-02-08 | CVE-2024-24495 | cve | SQL Injection vulnerability in delete-tracker.php in Daily Habit Tracker v.1.0 allows a remote attacker to execute arbitrary code via crafted GET request. |
| 9.8 | 2024-02-08 | CVE-2024-24496 | cve | An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the home.php, add-tracker.php, delete-tracker.php, update-tracker.php components. |
| 9.8 | 2024-02-08 | CVE-2023-40266 | cve | An issue was discovered in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42 P911. It allows path traversal. |
| 9.8 | 2024-02-08 | CVE-2024-24393 | cve | File Upload vulnerability index.php in Pichome v.1.1.01 allows a remote attacker to execute arbitrary code via crafted POST request. |
| 9.8 | 2024-02-08 | CVE-2023-42282 | cve | The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic. |
| 9.8 | 2024-02-08 | CVE-2024-25189 | cve | libjwt 1.15.3 uses strcmp (which is not constant time) to verify authentication, which makes it easier to bypass authentication via a timing side channel. |
| 9.8 | 2024-02-08 | CVE-2024-25190 | cve | l8w8jwt 2.2.1 uses memcmp (which is not constant time) to verify authentication, which makes it easier to bypass authentication via a timing side channel. |
| 9.8 | 2024-02-08 | CVE-2024-25191 | cve | php-jwt 1.0.0 uses strcmp (which is not constant time) to verify authentication, which makes it easier to bypass authentication via a timing side channel. |
| 9.8 | 2024-02-08 | CVE-2023-50061 | cve | PrestaShop Op'art Easy Redirect >= 1.3.8 and |
| 9.8 | 2024-02-08 | CVE-2024-24213 | cve | Supabase PostgreSQL v15.1 was discovered to contain a SQL injection vulnerability via the component /pg_meta/default/query. NOTE: the vendor's position is that this is an i... |
| 9.8 | 2024-02-08 | CVE-2024-24321 | cve | An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function. |
| 9.8 | 2024-02-08 | CVE-2024-24091 | cve | Yealink Meeting Server before v26.0.0.66 was discovered to contain an OS command injection vulnerability via the file upload interface. |
| 9.8 | 2024-02-08 | CVE-2024-24216 | cve | Zentao v18.0 to v18.10 was discovered to contain a remote code execution (RCE) vulnerability via the checkConnection method of /app/zentao/module/repo/model.php. |
| 9.8 | 2024-02-08 | CVE-2024-1207 | cve | The WP Booking Calendar plugin for WordPress is vulnerable to SQL Injection via the 'calendar_request_params[dates_ddmmyy_csv]' parameter in all versions up to, and in... |
| 9.6 | 2024-02-08 | CVE-2023-48974 | cve | Cross Site Scripting vulnerability in Axigen WebMail prior to 10.3.3.61 allows a remote attacker to escalate privileges via a crafted script to the serverName_input parameter. |
| Page(s) : 1 ... 186 187 188 189 190 191 192 193 194 195 [196] 197 198 199 200 201 202 203 204 205 206 ... | Result(s) : 43289 |
