Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 [2] 3 4 5 6 7 8 9 10 11 12 ... Result(s) : 181683

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
N/A 2021-01-15 CVE-2021-21247 cve OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the application's BasePage registers an AJAX event listener (`AbstractPostAjaxBehavior`) in all pag...
N/A 2021-01-15 CVE-2021-21246 cve OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the REST UserResource endpoint performs a security check to make sure that only administrators can list ...
N/A 2021-01-15 CVE-2021-21245 cve OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, AttachmentUploadServlet also saves user controlled data (`request.getInputStream()`) to a user specified...
N/A 2021-01-15 CVE-2021-21242 cve OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which can lead to pre-auth remote code execution. AttachmentUploadServ...
N/A 2021-01-15 CVE-2020-25533 cve An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privilege...
N/A 2021-01-15 CVE-2021-21244 cve OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, There is a vulnerability that enabled pre-auth server side template injection via Bean validation messag...
N/A 2021-01-15 CVE-2021-21243 cve OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, a Kubernetes REST endpoint exposes two methods that deserialize untrusted data from the request body. Th...
N/A 2021-01-15 CVE-2020-24641 cve In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Forgery vulnerability through an unauthenticated endpoint that if successfully exploited can result in disclo...
N/A 2021-01-15 CVE-2020-24640 cve There is a vulnerability caused by insufficient input validation that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Su...
N/A 2021-01-15 CVE-2020-24639 cve There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Succ...
N/A 2021-01-15 CVE-2020-24638 cve Multiple authenticated remote command executions are possible in Airwave Glass before 1.3.3 via the glassadmin cli. These allow for a user with glassadmin privileges to execute ...
N/A 2021-01-15 CVE-2021-22171 cve Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafte...
N/A 2021-01-15 CVE-2021-22168 cve A regular expression denial of service issue has been discovered in NuGet API affecting all versions of GitLab starting from version 12.8.
N/A 2021-01-15 CVE-2021-22167 cve An issue has been discovered in GitLab affecting all versions starting from 12.1. Incorrect headers in specific project page allows attacker to have a temporary read access to t...
N/A 2021-01-15 CVE-2021-22166 cve An attacker could cause a Prometheus denial of service in GitLab 13.7+ by sending an HTTP request with a malformed method
N/A 2021-01-15 CVE-2021-21237 cve Git LFS is a command line extension for managing large files with Git. On Windows, if Git LFS operates on a malicious repository with a git.bat or git.exe file in the current di...
N/A 2021-01-15 CVE-2021-20189 cve ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. ...
7.8 2021-01-15 CVE-2021-0223 cve A local privilege escalation vulnerability in telnetd.real of Juniper Networks Junos OS may allow a locally authenticated shell user to escalate privileges and execute arbitrary...
7.4 2021-01-15 CVE-2021-0222 cve A vulnerability in Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending certain crafted protocol packets from an adjacent dev...
N/A 2021-01-15 CVE-2021-0221 cve In an EVPN/VXLAN scenario, if an IRB interface with a virtual gateway address (VGA) is configured on a PE, a traffic loop may occur upon receipt of specific IP multicast traffic...
Page(s) : 1 [2] 3 4 5 6 7 8 9 10 11 12 ... Result(s) : 181683