| Page(s) : 1 [2] 3 4 5 6 7 8 9 10 11 12 ... | Result(s) : 181683 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2021-01-15 | CVE-2021-21247 | cve | OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the application's BasePage registers an AJAX event listener (`AbstractPostAjaxBehavior`) in all pag... |
| N/A | 2021-01-15 | CVE-2021-21246 | cve | OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the REST UserResource endpoint performs a security check to make sure that only administrators can list ... |
| N/A | 2021-01-15 | CVE-2021-21245 | cve | OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, AttachmentUploadServlet also saves user controlled data (`request.getInputStream()`) to a user specified... |
| N/A | 2021-01-15 | CVE-2021-21242 | cve | OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which can lead to pre-auth remote code execution. AttachmentUploadServ... |
| N/A | 2021-01-15 | CVE-2020-25533 | cve | An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privilege... |
| N/A | 2021-01-15 | CVE-2021-21244 | cve | OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, There is a vulnerability that enabled pre-auth server side template injection via Bean validation messag... |
| N/A | 2021-01-15 | CVE-2021-21243 | cve | OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, a Kubernetes REST endpoint exposes two methods that deserialize untrusted data from the request body. Th... |
| N/A | 2021-01-15 | CVE-2020-24641 | cve | In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Forgery vulnerability through an unauthenticated endpoint that if successfully exploited can result in disclo... |
| N/A | 2021-01-15 | CVE-2020-24640 | cve | There is a vulnerability caused by insufficient input validation that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Su... |
| N/A | 2021-01-15 | CVE-2020-24639 | cve | There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Succ... |
| N/A | 2021-01-15 | CVE-2020-24638 | cve | Multiple authenticated remote command executions are possible in Airwave Glass before 1.3.3 via the glassadmin cli. These allow for a user with glassadmin privileges to execute ... |
| N/A | 2021-01-15 | CVE-2021-22171 | cve | Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafte... |
| N/A | 2021-01-15 | CVE-2021-22168 | cve | A regular expression denial of service issue has been discovered in NuGet API affecting all versions of GitLab starting from version 12.8. |
| N/A | 2021-01-15 | CVE-2021-22167 | cve | An issue has been discovered in GitLab affecting all versions starting from 12.1. Incorrect headers in specific project page allows attacker to have a temporary read access to t... |
| N/A | 2021-01-15 | CVE-2021-22166 | cve | An attacker could cause a Prometheus denial of service in GitLab 13.7+ by sending an HTTP request with a malformed method |
| N/A | 2021-01-15 | CVE-2021-21237 | cve | Git LFS is a command line extension for managing large files with Git. On Windows, if Git LFS operates on a malicious repository with a git.bat or git.exe file in the current di... |
| N/A | 2021-01-15 | CVE-2021-20189 | cve | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. ... |
| 7.8 | 2021-01-15 | CVE-2021-0223 | cve | A local privilege escalation vulnerability in telnetd.real of Juniper Networks Junos OS may allow a locally authenticated shell user to escalate privileges and execute arbitrary... |
| 7.4 | 2021-01-15 | CVE-2021-0222 | cve | A vulnerability in Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending certain crafted protocol packets from an adjacent dev... |
| N/A | 2021-01-15 | CVE-2021-0221 | cve | In an EVPN/VXLAN scenario, if an IRB interface with a virtual gateway address (VGA) is configured on a PE, a traffic loop may occur upon receipt of specific IP multicast traffic... |
| Page(s) : 1 [2] 3 4 5 6 7 8 9 10 11 12 ... | Result(s) : 181683 |
