| Page(s) : 1 ... 255 256 257 258 259 260 261 262 263 264 [265] 266 267 268 269 270 271 272 273 274 275 ... | Result(s) : 43290 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2023-11-01 | CVE-2023-44025 | cve | SQL injection vulnerability in addify Addifyfreegifts v.1.0.2 and before allows a remote attacker to execute arbitrary code via a crafted script to the getrulebyid function in t... |
| 9.9 | 2023-11-01 | CVE-2023-20048 | cve | A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute certain unauthorized c... |
| 9.8 | 2023-11-01 | CVE-2023-5765 | cve | Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to bypass permissions via data... |
| 9.8 | 2023-11-01 | CVE-2023-5766 | cve | A remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to remotely execute code from another windows user session ... |
| 9.8 | 2023-11-01 | CVE-2023-46482 | cve | SQL injection vulnerability in wuzhicms v.4.1.0 allows a remote attacker to execute arbitrary code via the Database Backup Functionality in the coreframe/app/database/admin/inde... |
| 9.6 | 2023-11-01 | CVE-2023-1716 | cve | Cross-site scripting (XSS) vulnerability in Invoice Edit Page in Bitrix24 22.0.300 allows attackers to execute arbitrary JavaScript code in the victim's browser, and possi... |
| 9.6 | 2023-11-01 | CVE-2023-1717 | cve | Prototype pollution in bitrix/templates/bitrix24/components/bitrix/menu/left_vertical/script.js in Bitrix24 22.0.300 allows remote attackers to execute arbitrary JavaScript cod... |
| 9.8 | 2023-11-01 | CVE-2023-1719 | cve | Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows unauthenticated remote attackers to (1) enumerate attachments on the server and (2) execu... |
| 9.8 | 2023-10-31 | CVE-2023-46484 | cve | An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the setLedCfg function. |
| 9.8 | 2023-10-31 | CVE-2023-46485 | cve | An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the setTracerouteCfg function of the stecgi.cgi component. |
| 9.8 | 2023-10-31 | CVE-2023-46249 | cve | authentik is an open-source Identity Provider. Prior to versions 2023.8.4 and 2023.10.2, when the default admin user has been deleted, it is potentially possible for an attacker... |
| 9.8 | 2023-10-31 | CVE-2023-46256 | cve | PX4-Autopilot provides PX4 flight control solution for drones. In versions 1.14.0-rc1 and prior, PX4-Autopilot has a heap buffer overflow vulnerability in the parser function du... |
| 9.8 | 2023-10-31 | CVE-2023-24000 | cve | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GamiPress gamipress allows SQL Injection.This issue affects GamiP... |
| 9.8 | 2023-10-31 | CVE-2023-46976 | cve | TOTOLINK A3300R 17.0.0cu.557_B20221024 contains a command injection via the file_name parameter in the UploadFirmwareFile function. |
| 9.8 | 2023-10-31 | CVE-2023-46977 | cve | TOTOLINK LR1200GB V9.1.0u.6619_B20230130 was discovered to contain a stack overflow via the password parameter in the function loginAuth. |
| 9.8 | 2023-10-31 | CVE-2023-46979 | cve | TOTOLINK X6000R V9.4.0cu.852_B20230719 was discovered to contain a command injection vulnerability via the enable parameter in the setLedCfg function. |
| 9.8 | 2023-10-31 | CVE-2023-5360 | cve | The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary fi... |
| 9.8 | 2023-10-31 | CVE-2023-22518 | cve | All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to... |
| 9.8 | 2023-10-31 | CVE-2023-24410 | cve | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Contact Form - WPManageNinja LLC Contact Form Plugin – Fastest Co... |
| 9.8 | 2023-10-31 | CVE-2023-31212 | cve | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks Database for Contact Form 7, WPforms, Elementor forms c... |
| Page(s) : 1 ... 255 256 257 258 259 260 261 262 263 264 [265] 266 267 268 269 270 271 272 273 274 275 ... | Result(s) : 43290 |
