| Page(s) : 1 ... 192 193 194 195 196 197 198 199 200 201 [202] 203 204 205 206 207 208 209 210 211 212 ... | Result(s) : 43289 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2024-02-02 | CVE-2023-48793 | cve | Zoho ManageEngine ADAudit Plus through 7250 allows SQL Injection in the aggregate report feature. |
| 9.8 | 2024-02-02 | CVE-2024-22779 | cve | Directory Traversal vulnerability in Kihron ServerRPExposer v.1.0.2 and before allows a remote attacker to execute arbitrary code via the loadServerPack in ServerResourcePackPro... |
| 9.8 | 2024-02-02 | CVE-2024-22901 | cve | Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials. |
| 9.8 | 2024-02-02 | CVE-2024-22902 | cve | Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials. |
| 9.8 | 2024-02-02 | CVE-2024-23746 | cve | Miro Desktop 0.8.18 on macOS allows local Electron code injection via a complex series of steps that might be usable in some environments (bypass a kTCCServiceSystemPolicyAppBun... |
| 9.8 | 2024-02-02 | CVE-2024-22319 | cve | IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, 8.11.1 and 8.12.0.1 is susceptible to remote code execution attack via JNDI injection when passing ... |
| 9.8 | 2024-02-02 | CVE-2024-22533 | cve | Before Beetl v3.15.12, the rendering template has a server-side template injection (SSTI) vulnerability. When the incoming template is controllable, it will be filtered by the D... |
| 9.8 | 2024-02-02 | CVE-2024-0685 | cve | The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Second Order SQL Injection via the email address value submitte... |
| 9.8 | 2024-02-02 | CVE-2024-24482 | cve | Aprktool before 2.9.3 on Windows allows ../ and /.. directory traversal. |
| 9.8 | 2024-02-02 | CVE-2024-21764 | cve | In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded credentials, which may allow an attacker to connect to a specific port. |
| 9.8 | 2024-02-01 | CVE-2023-46706 | cve | Multiple MachineSense devices have credentials unable to be changed by the user or administrator. |
| 9.1 | 2024-02-01 | CVE-2023-49617 | cve | The MachineSense application programmable interface (API) is improperly protected and can be accessed without authentication. A remote attacker could retrieve and modify se... |
| 9.1 | 2024-02-01 | CVE-2023-5841 | cve | Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3... |
| 9.8 | 2024-02-01 | CVE-2023-4472 | cve | Objectplanet Opinio version 7.22 and prior uses a cryptographically weak pseudo-random number generator (PRNG) coupled to a predictable seed, which could lead to an unauthentica... |
| 9.8 | 2024-02-01 | CVE-2024-1039 | cve | Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if exploited could allow an attacker control over the web management of the device. |
| 9.8 | 2024-02-01 | CVE-2024-24754 | cve | Bref enable serverless PHP on AWS Lambda. When Bref is used with the Event-Driven Function runtime and the handler is a `RequestHandlerInterface`, then the Lambda event is conve... |
| 9.8 | 2024-02-01 | CVE-2024-23832 | cve | Mastodon is a free, open-source social network server based on ActivityPub Mastodon allows configuration of LDAP for authentication. Due to insufficient origin validation in all... |
| 9.8 | 2024-02-01 | CVE-2024-24561 | cve | Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.10 and earlier, the bounds check for slices does not account for the ability for st... |
| 9.8 | 2024-02-01 | CVE-2023-6078 | cve | An OS Command Injection vulnerability exists in BIOVIA Materials Studio products from Release BIOVIA 2021 through Release BIOVIA 2023. Upload of a specially crafted perl script ... |
| 9.1 | 2024-01-31 | CVE-2024-21917 | cve | A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FT... |
| Page(s) : 1 ... 192 193 194 195 196 197 198 199 200 201 [202] 203 204 205 206 207 208 209 210 211 212 ... | Result(s) : 43289 |
