| Page(s) : 1 ... 230 231 232 233 234 235 236 237 238 239 [240] 241 242 243 244 245 246 247 248 249 250 ... | Result(s) : 43290 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2023-12-15 | CVE-2023-50089 | cve | A Command Injection vulnerability exists in NETGEAR WNR2000v4 version 1.0.0.70. When using HTTP for SOAP authentication, command execution occurs during the process after succes... |
| 9.8 | 2023-12-15 | CVE-2023-50917 | cve | MajorDoMo (aka Major Domestic Module) before 0662e5e allows command execution via thumb.php shell metacharacters. NOTE: this is unrelated to the Majordomo mailing-list manager. |
| 9.8 | 2023-12-15 | CVE-2023-50918 | cve | app/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for audit logs. |
| 9.8 | 2023-12-15 | CVE-2023-6553 | cve | The Backup Migration plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.7 via the /includes/backup-heart.php file. This is due... |
| 9.8 | 2023-12-15 | CVE-2023-33218 | cve | The Parameter Zone Read and Parameter Zone Write command handlers allow performing a Stack buffer overflow. This could potentially lead to a Remote Code execution on the tar... |
| 9.8 | 2023-12-15 | CVE-2023-33219 | cve | The handler of the retrofit validation command doesn't properly check the boundaries when performing certain validation operations. This allows a stack-based buffer o... |
| 9.8 | 2023-12-15 | CVE-2023-33220 | cve | During the retrofit validation process, the firmware doesn't properly check the boundaries while copying some attributes to check. This allows a stack-based buffer ... |
| 9.8 | 2023-12-15 | CVE-2023-33221 | cve | When reading DesFire keys, the function that reads the card isn't properly checking the boundaries when copying internally the data received. This allows a heap b... |
| 9.8 | 2023-12-15 | CVE-2023-33222 | cve | When handling contactless cards, usage of a specific function to get additional information from the card which doesn't check the boundary on the data received wh... |
| 9.8 | 2023-12-15 | CVE-2023-48376 | cve | SmartStar Software CWS is a web-based integration platform, its file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker ... |
| 9.8 | 2023-12-15 | CVE-2023-29234 | cve | A deserialization vulnerability existed when decode a malicious package.This issue affects Apache Dubbo: from 3.1.0 through 3.1.10, from 3.2.0 through 3.2.4. Users are recommen... |
| 9.8 | 2023-12-15 | CVE-2023-46279 | cve | Deserialization of Untrusted Data vulnerability in Apache Dubbo.This issue only affects Apache Dubbo 3.1.5. Users are recommended to upgrade to the latest version, which fixes ... |
| 9.8 | 2023-12-15 | CVE-2023-40954 | cve | A SQL injection vulnerability in Grzegorz Marczynski Dynamic Progress Bar (aka web_progress) v. 11.0 through 11.0.2, v12.0 through v12.0.2, v.13.0 through v13.0.2, v.14.0 throug... |
| 9.8 | 2023-12-15 | CVE-2023-48050 | cve | SQL injection vulnerability in Cams Biometrics Zkteco, eSSL, Cams Biometrics Integration Module with HR Attendance (aka odoo-biometric-attendance) v. 13.0 through 16.0.1 allows ... |
| 9.8 | 2023-12-15 | CVE-2023-48049 | cve | A SQL injection vulnerability in Cybrosys Techno Solutions Website Blog Search (aka website_search_blog) v. 13.0 through 13.0.1.0.1 allows a remote attacker to execute arbitrary... |
| 10 | 2023-12-14 | CVE-2023-45894 | cve | The Remote Application Server in Parallels RAS before 19.2.23975 does not segment virtualized applications from the server, which allows a remote attacker to achieve remote code... |
| 9.8 | 2023-12-14 | CVE-2023-4489 | cve | The first S0 encryption key is generated with an uninitialized PRNG in Z/IP Gateway products running Silicon Labs Z/IP Gateway SDK v7.18.3 and earlier. This makes the first S0 k... |
| 9.8 | 2023-12-14 | CVE-2023-50073 | cve | EmpireCMS v7.5 was discovered to contain a SQL injection vulnerability via the ftppassword parameter at SetEnews.php. |
| 9.8 | 2023-12-14 | CVE-2023-50563 | cve | Semcms v4.8 was discovered to contain a SQL injection vulnerability via the AID parameter at SEMCMS_Function.php. |
| 9.8 | 2023-12-14 | CVE-2023-47261 | cve | Dokmee ECM 7.4.6 allows remote code execution because the response to a GettingStarted/SaveSQLConnectionAsync /#/gettingstarted request contains a connection string for privileg... |
| Page(s) : 1 ... 230 231 232 233 234 235 236 237 238 239 [240] 241 242 243 244 245 246 247 248 249 250 ... | Result(s) : 43290 |
