Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 17 18 19 20 21 22 23 24 25 26 [27] 28 29 30 31 32 33 34 35 36 37 ... Result(s) : 196497

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
8.8 2021-09-15 CVE-2020-19159 cve Cross Site Request Forgery (CSRF) in LaikeTui v3 allows remote attackers to execute arbitrary code via the component '/index.php?module=member&action=add'.
N/A 2021-09-15 CVE-2021-21798 cve An exploitable return of stack variable address vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a stack variable t...
N/A 2021-09-15 CVE-2021-38156 cve In Nagios XI before 5.8.6, XSS exists in the dashboard page (/dashboards/#) when administrative users attempt to edit a dashboard.
5.3 2021-09-15 CVE-2021-39189 cve Pimcore is an open source data & experience management platform. In versions prior to 10.1.3, it is possible to enumerate usernames via the forgot password functionality. This i...
N/A 2021-09-15 CVE-2021-27044 cve A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted DLL files or information disclosure.
N/A 2021-09-15 CVE-2021-40157 cve A user may be tricked into opening a malicious FBX file which may exploit an Untrusted Pointer Dereference vulnerability in FBX’s Review version 1.5.0 and prior causing it to ru...
N/A 2021-09-15 CVE-2021-39209 cve GLPI is a free Asset and IT management software package. In versions prior to 9.5.6, a user who is logged in to GLPI can bypass Cross-Site Request Forgery (CSRF) protection in m...
N/A 2021-09-15 CVE-2020-21121 cve Pligg CMS 2.0.2 contains a time-based SQL injection vulnerability via the $recordIDValue parameter in the admin_update_module_widgets.php file.
N/A 2021-09-15 CVE-2020-21122 cve UReport v2.2.9 contains a Server-Side Request Forgery (SSRF) in the designer page which allows attackers to detect intranet device ports.
N/A 2021-09-15 CVE-2020-21124 cve UReport 2.2.9 allows attackers to execute arbitrary code due to a lack of access control to the designer page.
N/A 2021-09-15 CVE-2020-21125 cve An arbitrary file creation vulnerability in UReport 2.2.9 allows attackers to execute arbitrary code.
8.8 2021-09-15 CVE-2020-21126 cve MetInfo 7.0.0 contains a Cross-Site Request Forgery (CSRF) via admin/?n=admin&c=index&a=doSaveInfo.
9.8 2021-09-15 CVE-2020-21127 cve MetInfo 7.0.0 contains a SQL injection vulnerability via admin/?n=logs&c=index&a=dodel.
N/A 2021-09-15 CVE-2021-27045 cve A maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the PDF file. This vulnerability can ...
N/A 2021-09-15 CVE-2021-27046 cve A Memory Corruption vulnerability for PDF files in Autodesk Navisworks 2019, 2020, 2021, 2022 may lead to code execution through maliciously crafted DLL files.
6.1 2021-09-15 CVE-2021-37412 cve The TechRadar app 1.1 for Confluence Server allows XSS via the Title field of a Radar.
6.5 2021-09-15 CVE-2021-39210 cve GLPI is a free Asset and IT management software package. In versions prior to 9.5.6, the cookie used to store the autologin cookie (when a user uses the "remember me" feature) i...
5.3 2021-09-15 CVE-2021-39211 cve GLPI is a free Asset and IT management software package. Starting in version 9.2 and prior to version 9.5.6, the telemetry endpoint discloses GLPI and server information. This i...
6.8 2021-09-15 CVE-2021-39213 cve GLPI is a free Asset and IT management software package. Starting in version 9.1 and prior to version 9.5.6, GLPI with API Rest enabled is vulnerable to API bypass with custom h...
N/A 2021-09-15 CVE-2021-39392 cve The management tool in MyLittleBackup up to and including 1.7 allows remote attackers to execute arbitrary code because machineKey is hardcoded (the same for all customers'...
Page(s) : 1 ... 17 18 19 20 21 22 23 24 25 26 [27] 28 29 30 31 32 33 34 35 36 37 ... Result(s) : 196497