| Page(s) : 1 ... 242 243 244 245 246 247 248 249 250 251 [252] 253 254 255 256 257 258 259 260 261 262 ... | Result(s) : 43290 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2023-11-28 | CVE-2023-3545 | cve | Improper sanitisation in `main/inc/lib/fileUpload.lib.php` in Chamilo LMS |
| 9.8 | 2023-11-28 | CVE-2023-48022 | cve | Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant be... |
| 9.1 | 2023-11-28 | CVE-2023-48023 | cve | Anyscale Ray 2.6.3 and 2.8.0 allows /log_proxy SSRF. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not inten... |
| 9.8 | 2023-11-28 | CVE-2023-47503 | cve | An issue in jflyfox jfinalCMS v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp component in the template management module. |
| 9.8 | 2023-11-27 | CVE-2023-46349 | cve | In the module "Product Catalog (CSV, Excel) Export/Update" (updateproducts) < 3.8.5 from MyPrestaModules for PrestaShop, a guest can perform SQL injection. The method `productsU... |
| 9.8 | 2023-11-27 | CVE-2023-46480 | cve | An issue in OwnCast v.0.1.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via the authHost parameter of the indieauth function. |
| 9.8 | 2023-11-27 | CVE-2023-48188 | cve | SQL injection vulnerability in PrestaShop opartdevis v.4.5.18 thru v.4.6.12 allows a remote attacker to execute arbitrary code via a crafted script to the getModuleTranslation f... |
| 9.8 | 2023-11-27 | CVE-2022-41951 | cve | OroPlatform is a PHP Business Application Platform (BAP) designed to make development of custom business applications easier and faster. Path Traversal is possible in `Oro\Bundl... |
| 9.8 | 2023-11-27 | CVE-2023-49044 | cve | Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the ssid parameter in the function form_fast_setting_wifi_set. |
| 9.8 | 2023-11-27 | CVE-2023-49043 | cve | Buffer Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the wpapsk_crypto parameter in the function fromSetWirelessRepeat. |
| 9.8 | 2023-11-27 | CVE-2023-49046 | cve | Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the devName parameter in the function formAddMacfilterRule. |
| 9.8 | 2023-11-27 | CVE-2023-41998 | cve | Arcserve UDP prior to 9.2 contained a vulnerability in the com.ca.arcflash.rps.webservice.RPSService4CPMImpl interface. A routine exists that allows an attacker to upload and ex... |
| 9.8 | 2023-11-27 | CVE-2023-41999 | cve | An authentication bypass exists in Arcserve UDP prior to version 9.2. An unauthenticated, remote attacker can obtain a valid authentication identifier that allows them to authen... |
| 9.8 | 2023-11-27 | CVE-2023-42000 | cve | Arcserve UDP prior to 9.2 contains a path traversal vulnerability in com.ca.arcflash.ui.server.servlet.FileHandlingServlet.doUpload(). An unauthenticated remote attacker can exp... |
| 9.8 | 2023-11-27 | CVE-2023-49040 | cve | An issue in Tneda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the adslPwd parameter in the form_fast_setting_internet_set function. |
| 9.8 | 2023-11-27 | CVE-2023-49042 | cve | Heap Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the schedStartTime parameter or the schedEndTime parameter in the fu... |
| 9.8 | 2023-11-27 | CVE-2023-4922 | cve | The WPB Show Core WordPress plugin through 2.2 is vulnerable to a local file inclusion via the `path` parameter. |
| 9.1 | 2023-11-27 | CVE-2023-5559 | cve | The 10Web Booster WordPress plugin before 2.24.18 does not validate the option name given to some AJAX actions, allowing unauthenticated users to delete arbitrary options from t... |
| 9.8 | 2023-11-27 | CVE-2023-5604 | cve | The Asgaros Forum WordPress plugin before 2.7.1 allows forum administrators, who may not be WordPress (super-)administrators, to set insecure configuration that allows unauthent... |
| 9.8 | 2023-11-27 | CVE-2023-5974 | cve | The WPB Show Core WordPress plugin through 2.2 is vulnerable to server-side request forgery (SSRF) via the `path` parameter. |
| Page(s) : 1 ... 242 243 244 245 246 247 248 249 250 251 [252] 253 254 255 256 257 258 259 260 261 262 ... | Result(s) : 43290 |
