| Page(s) : 1 ... 12 13 14 15 16 17 18 19 20 21 [22] 23 24 25 26 27 28 29 30 31 32 ... | Result(s) : 175447 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2020-09-14 | CVE-2020-25574 | cve | An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve() could result in denial of service (e.g., an infinite loop). |
| N/A | 2020-09-14 | CVE-2020-25573 | cve | An issue was discovered in the linked-hash-map crate before 0.5.3 for Rust. It creates an uninitialized NonNull pointer, which violates a non-null constraint. |
| N/A | 2020-09-14 | CVE-2020-24457 | cve | Logic error in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processors may allow an unauthenticated user to potentially enable escalation of privilege, denia... |
| 6.1 | 2020-09-14 | CVE-2020-21845 | cve | Codoforum 4.8.3 allows HTML Injection in the 'admin dashboard Manage users Section.' |
| 7.3 | 2020-09-14 | CVE-2020-13318 | cve | A vulnerability was discovered in GitLab versions before 13.0.12, 13.1.10, 13.2.8 and 13.3.4. GitLabs EKS integration was vulnerable to a cross-account assume role attack. |
| 4.3 | 2020-09-14 | CVE-2020-13316 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not validating a Deploy-Token and allowed a disabled repository be accessible via... |
| 10 | 2020-09-14 | CVE-2020-13300 | cve | GitLab before version 13.3.4 was vulnerable to an OAuth authorization scope change without user consent in the middle of the authorization flow. |
| 8.1 | 2020-09-14 | CVE-2020-13299 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The revocation feature was not revoking all session tokens and one could re-use it to obtain... |
| 5.4 | 2020-09-14 | CVE-2020-13289 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. In certain cases an invalid username could be accepted when 2FA is activated. |
| 4.3 | 2020-09-14 | CVE-2020-13287 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Project reporters and above could see confidential EPIC attached to confidential issues |
| 6.5 | 2020-09-14 | CVE-2020-13284 | cve | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. API Authorization Using Outdated CI Job Token |
| N/A | 2020-09-14 | CVE-2020-0570 | cve | Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access. |
| 6.1 | 2020-09-14 | CVE-2019-14756 | cve | An issue was discovered in KaiOS 1.0, 2.5, and 2.5.12.5. The pre-installed Email application is vulnerable to HTML and JavaScript injection attacks. An attacker can send a speci... |
| 8.1 | 2020-09-14 | CVE-2020-8817 | cve | Dataiku DSS before 6.0.5 allows attackers write access to the project to modify the "Created by" metadata. |
| 5.4 | 2020-09-14 | CVE-2020-25380 | cve | Wordpress Plugin Store / Mike Rooijackers Recall Products V0.8 is affected by: Cross Site Scripting (XSS) via the 'Recall Settings' field in admin.php. An attacker can... |
| 8.8 | 2020-09-14 | CVE-2020-25379 | cve | Wordpress Plugin Store / Mike Rooijackers Recall Products V0.8 fails to sanitize input from the 'Manufacturer[]' parameter which allows an authenticated attacker to in... |
| 6.1 | 2020-09-14 | CVE-2020-25378 | cve | Wordpress Plugin Store / AccessPress Themes WP Floating Menu V1.3.0 is affected by: Cross Site Scripting (XSS) via the id GET parameter. |
| 5.4 | 2020-09-14 | CVE-2020-25375 | cve | Wordpress Plugin Store / SoftradeWeb SNC WP SMART CRM V1.8.7 is affected by: Cross Site Scripting via the Business Name field, Tax Code field, First Name field, Address field, T... |
| 6.1 | 2020-09-14 | CVE-2020-22158 | cve | Ericsson RX8200 5.13.3 devices are vulnerable to multiple reflected and stored XSS. An attacker has to inject JavaScript code directly in the "path" or "Services+ID" parameters ... |
| 7.5 | 2020-09-14 | CVE-2020-12789 | cve | The Secure Monitor in Microchip Atmel ATSAMA5 products use a hardcoded key to encrypt and authenticate secure applets. |
| Page(s) : 1 ... 12 13 14 15 16 17 18 19 20 21 [22] 23 24 25 26 27 28 29 30 31 32 ... | Result(s) : 175447 |
