| Page(s) : 1 ... 17 18 19 20 21 22 23 24 25 26 [27] 28 29 30 31 32 33 34 35 36 37 ... | Result(s) : 171851 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.3 | 2020-06-25 | CVE-2020-11735 | cve | The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular inverse when mapping to affine coordinates, aka a "projective coordinates leak." |
| 9.8 | 2020-06-25 | CVE-2018-21268 | cve | The traceroute (aka node-traceroute) package through 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs because the Child.exec() method, which... |
| 5.9 | 2020-06-25 | CVE-2020-15047 | cve | MSA/SMTP.cpp in Trojita before 0.8 ignores certificate-verification errors, which allows man-in-the-middle attackers to spoof SMTP servers. |
| 7.5 | 2020-06-25 | CVE-2019-20892 | cve | net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to en... |
| N/A | 2020-06-25 | CVE-2020-5965 | cve | NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX 11 user mode driver (nvwgf2um/x.dll), in which a specially crafted shader can cause an o... |
| N/A | 2020-06-25 | CVE-2020-5964 | cve | NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host component, in which the application resources integrity check may be missed. Such a... |
| N/A | 2020-06-25 | CVE-2020-5963 | cve | NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, d... |
| N/A | 2020-06-24 | CVE-2020-5962 | cve | NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a syst... |
| N/A | 2020-06-24 | CVE-2020-15046 | cve | The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 allows remote attackers to exploit a cgi/config_user.cgi CSRF issue to add new admi... |
| 4.8 | 2020-06-24 | CVE-2020-15041 | cve | PHP-Fusion 9.03.60 allows XSS via the administration/site_links.php Add Site Link field. |
| 5.4 | 2020-06-24 | CVE-2020-15038 | cve | The SeedProd coming-soon plugin before 5.1.1 for WordPress allows XSS. |
| 6.5 | 2020-06-24 | CVE-2020-15005 | cve | In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security ... |
| N/A | 2020-06-24 | CVE-2020-13247 | cve | BooleBox Secure File Sharing Utility (potentially all versions) allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit... |
| 4.9 | 2020-06-24 | CVE-2020-15026 | cve | Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../ directory traversal approach for arbitrary file download via backup/plugin.php. |
| 4.9 | 2020-06-24 | CVE-2020-15025 | cve | ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not fr... |
| 5.4 | 2020-06-24 | CVE-2020-13248 | cve | BooleBox Secure File Sharing Utility (potentially all versions) allows stored XSS via a crafted avatar field within My Account JSON data to Account.aspx. |
| 7.5 | 2020-06-24 | CVE-2020-9494 | cve | Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to allocate a large a... |
| 8 | 2020-06-24 | CVE-2020-6870 | cve | The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. An attacker could exploit the vulnerability to log in to the FTP server to tamper wi... |
| 5.9 | 2020-06-24 | CVE-2020-4413 | cve | IBM Security Secret Server 10.7 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attack... |
| 5.3 | 2020-06-24 | CVE-2020-4342 | cve | IBM Security Secret Server 10.7 could disclose sensitive information included in installation files to an unauthorized user. IBM X-Force ID: 178182. |
| Page(s) : 1 ... 17 18 19 20 21 22 23 24 25 26 [27] 28 29 30 31 32 33 34 35 36 37 ... | Result(s) : 171851 |
