| Page(s) : 1 ... 223 224 225 226 227 228 229 230 231 232 [233] 234 235 236 237 238 239 240 241 242 243 ... | Result(s) : 43290 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2023-12-22 | CVE-2023-51021 | cve | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘merge’ parameter of the setRptWizardCfg interface of the cstecgi .cgi. |
| 9.8 | 2023-12-22 | CVE-2023-51022 | cve | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘langFlag’ parameter of the setLanguageCfg interface of the cstecgi .cgi. |
| 9.8 | 2023-12-22 | CVE-2023-51033 | cve | TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi setOpModeCfg interface. |
| 9.8 | 2023-12-22 | CVE-2023-51034 | cve | TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the cstecgi.cgi UploadFirmwareFile interface. |
| 9.8 | 2023-12-22 | CVE-2023-51035 | cve | TOTOLINK EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution on the cstecgi.cgi NTPSyncWithHost interface. |
| 9.1 | 2023-12-22 | CVE-2023-50731 | cve | MindsDB is a SQL Server for artificial intelligence. Prior to version 23.11.4.1, the `put` method in `mindsdb/mindsdb/api/http/namespaces/file.py` does not validate the user-con... |
| 9 | 2023-12-22 | CVE-2023-50928 | cve | "Sandbox Accounts for Events" provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. Authenticated users could pote... |
| 9.8 | 2023-12-22 | CVE-2023-42017 | cve | IBM Planning Analytics Local 2.0 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted H... |
| 9.8 | 2023-12-22 | CVE-2023-49792 | cve | Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. In Nextcloud Server prior to versions 26.0.9 and 27.1.4; as well as Nextcloud Enterprise Ser... |
| 9.8 | 2023-12-22 | CVE-2023-51023 | cve | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ‘host_time’ parameter of the NTPSyncWithHost interface of the cstecgi .cgi. |
| 9.8 | 2023-12-22 | CVE-2023-51024 | cve | TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘tz’ parameter of the setNtpCfg interface of the cstecgi .cgi. |
| 9.8 | 2023-12-22 | CVE-2023-51025 | cve | TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command execution in the ‘admuser’ parameter of the setPasswordCfg interface of the cstecgi .... |
| 9.8 | 2023-12-22 | CVE-2023-51026 | cve | TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘hour’ parameter of the setRebootScheCfg interface of the cstecgi .cgi. |
| 9.8 | 2023-12-22 | CVE-2023-51027 | cve | TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘apcliAuthMode’ parameter of the setWiFiExtenderConfig interface of the... |
| 9.8 | 2023-12-22 | CVE-2023-51028 | cve | TOTOLINK EX1800T 9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the apcliChannel parameter of the setWiFiExtenderConfig interface of the cst... |
| 9.8 | 2023-12-22 | CVE-2023-51707 | cve | MotionPro in Array ArrayOS AG before 9.4.0.505 on AG and vxAG allows remote command execution via crafted packets. AG and vxAG 9.3.0.259.x are unaffected. |
| 9.8 | 2023-12-22 | CVE-2022-47532 | cve | FileRun 20220519 allows SQL Injection via the "dir" parameter in a /?module=users§ion=cpanel&page=list request. |
| 9.8 | 2023-12-22 | CVE-2023-7058 | cve | A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. T... |
| 9.8 | 2023-12-21 | CVE-2023-7039 | cve | A vulnerability classified as critical has been found in Byzoro S210 up to 20231210. Affected is an unknown function of the file /importexport.php. The manipulation of the argum... |
| 9.8 | 2023-12-21 | CVE-2023-49032 | cve | An issue in LTB Self Service Password before v.1.5.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via hijack of the SMS verification code ... |
| Page(s) : 1 ... 223 224 225 226 227 228 229 230 231 232 [233] 234 235 236 237 238 239 240 241 242 243 ... | Result(s) : 43290 |
