| Page(s) : 1 ... 14 15 16 17 18 19 20 21 22 23 [24] 25 26 27 28 29 30 31 32 33 34 ... | Result(s) : 226487 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.3 | 2022-11-29 | CVE-2022-4033 | cve | The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the 'question[id]' parameter in versions up to, and including, 8.0.4 due t... |
| 7.8 | 2022-11-29 | CVE-2022-4034 | cve | The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.3.72. This makes it possible for unauthenticated attackers t... |
| 6.1 | 2022-11-29 | CVE-2022-4035 | cve | The Appointment Hour Booking plugin for WordPress is vulnerable to iFrame Injection via the ‘email’ or general field parameters in versions up to, and including, 1.3.72 due to i... |
| 5.3 | 2022-11-29 | CVE-2022-4036 | cve | The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up to, and including, 1.3.72. This is due to the use of insufficiently strong hashi... |
| 8.8 | 2022-11-29 | CVE-2022-44635 | cve | Apache Fineract allowed an authenticated user to perform remote code execution due to a path traversal vulnerability in a file upload component of Apache Fineract, allowing an a... |
| 7.8 | 2022-11-29 | CVE-2022-45343 | cve | GPAC v2.1-DEV-rev478-g696e6f868-master was discovered to contain a heap use-after-free via the Q_IsTypeOn function at /gpac/src/bifs/unquantize.c. |
| 7.8 | 2022-11-29 | CVE-2022-21126 | cve | The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir() function in ut... |
| 7.5 | 2022-11-29 | CVE-2022-25848 | cve | This affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to ... |
| 9.8 | 2022-11-29 | CVE-2022-44354 | cve | SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file. |
| 6.1 | 2022-11-29 | CVE-2022-44355 | cve | SolarView Compact 7.0 is vulnerable to Cross-site Scripting (XSS) via /network_test.php. |
| 7.5 | 2022-11-29 | CVE-2022-44356 | cve | WAVLINK Quantum D4G (WL-WN531G3) running firmware versions M31G3.V5030.201204 and M31G3.V5030.200325 has an access control issue which allows unauthenticated attackers to downlo... |
| 5.4 | 2022-11-29 | CVE-2022-46148 | cve | Discourse is an open-source messaging platform. In versions 2.8.10 and prior on the `stable` branch and versions 2.9.0.beta11 and prior on the `beta` and `tests-passed` branches... |
| 8.8 | 2022-11-29 | CVE-2022-46152 | cve | OP-TEE Trusted OS is the secure side implementation of OP-TEE project, a Trusted Execution Environment. Versions prior to 3.19.0, contain an Improper Validation of Array Index v... |
| 4.3 | 2022-11-29 | CVE-2022-46150 | cve | Discourse is an open-source discussion platform. Prior to version 2.8.13 of the `stable` branch and version 2.9.0.beta14 of the `beta` and `tests-passed` branches, unauthorized ... |
| 6.5 | 2022-11-29 | CVE-2022-4144 | cve | An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest p... |
| 6.5 | 2022-11-29 | CVE-2022-4172 | cve | An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record() and write_erst_record() fu... |
| 6.1 | 2022-11-29 | CVE-2022-36433 | cve | The blog-post creation functionality in the Amasty Blog Pro 2.10.3 plugin for Magento 2 allows injection of JavaScript code in the short_content and full_content fields, leading... |
| 8.8 | 2022-11-29 | CVE-2022-46146 | cve | Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, i someone has access to a Prometheus web.yml file and users' bcrypte... |
| 8.8 | 2022-11-29 | CVE-2022-4202 | cve | A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec... |
| 4.3 | 2022-11-29 | CVE-2022-45301 | cve | Insecure permissions in Chocolatey Ruby package v3.1.2.1 and below grants all users in the Authenticated Users group write privileges for the path C:\tools\ruby31 and all files ... |
| Page(s) : 1 ... 14 15 16 17 18 19 20 21 22 23 [24] 25 26 27 28 29 30 31 32 33 34 ... | Result(s) : 226487 |
