| Page(s) : 1 ... 264 265 266 267 268 269 270 271 272 273 [274] 275 276 277 278 279 280 281 282 283 284 ... | Result(s) : 43290 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.1 | 2023-10-25 | CVE-2023-46133 | cve | CryptoES is a cryptography algorithms library compatible with ES6 and TypeScript. Prior to version 2.1.0, CryptoES PBKDF2 is 1,000 times weaker than originally specified in 1993... |
| 9.8 | 2023-10-25 | CVE-2023-46134 | cve | D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to version 3.7.0, users hosting D-Tale publicly can be vulner... |
| 9.1 | 2023-10-25 | CVE-2023-46233 | cve | crypto-js is a JavaScript library of crypto standards. Prior to version 4.2.0, crypto-js PBKDF2 is 1,000 times weaker than originally specified in 1993, and at least 1,300,000 t... |
| 9.8 | 2023-10-23 | CVE-2022-22466 | cve | IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communic... |
| 9.8 | 2023-10-23 | CVE-2023-27152 | cve | DECISO OPNsense 23.1 does not impose rate limits for authentication, allowing attackers to perform a brute-force attack to bypass authentication. |
| 9.8 | 2023-10-23 | CVE-2023-37635 | cve | UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application. |
| 9.8 | 2023-10-23 | CVE-2023-28805 | cve | An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege Escalation. This issue affects Client Connector: before 1.4.0.105 |
| 9.8 | 2023-10-23 | CVE-2023-46321 | cve | iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize paths in x-man-page URLs. They may have shell metacharacters for a /usr/bin/man command line. |
| 9.8 | 2023-10-23 | CVE-2023-46322 | cve | iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize ssh hostnames in URLs. The hostname's initial character may be non-alphanumeric. The hostname's o... |
| 9.8 | 2023-10-23 | CVE-2023-5700 | cve | A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected is an unknown function of the file /protocol/iscgwtun... |
| 9.8 | 2023-10-22 | CVE-2023-5693 | cve | A vulnerability was found in CodeAstro Internet Banking System 1.0 and classified as critical. This issue affects some unknown processing of the file pages_reset_pwd.php. The ma... |
| 9.8 | 2023-10-22 | CVE-2023-46300 | cve | iTerm2 before 3.4.20 allow (potentially remote) code execution because of mishandling of certain escape sequences related to tmux integration. |
| 9.8 | 2023-10-22 | CVE-2023-46301 | cve | iTerm2 before 3.4.20 allow (potentially remote) code execution because of mishandling of certain escape sequences related to upload. |
| 9.8 | 2023-10-21 | CVE-2023-5683 | cve | A vulnerability was found in Byzoro Smart S85F Management Platform up to 20231010 and classified as critical. This issue affects some unknown processing of the file /sysmanage/i... |
| 9.8 | 2023-10-21 | CVE-2023-5684 | cve | A vulnerability was found in Byzoro Smart S85F Management Platform up to 20231012. It has been declared as critical. Affected by this vulnerability is an unknown functionality o... |
| 9.8 | 2023-10-21 | CVE-2023-45666 | cve | stb_image is a single file MIT licensed library for processing images. It may look like `stbi__load_gif_main` doesn’t give guarantees about the content of output value `*delays... |
| 9.8 | 2023-10-20 | CVE-2023-37824 | cve | Sitolog sitologapplicationconnect v7.8.a and before was discovered to contain a SQL injection vulnerability via the component /activate_hook.php. |
| 9.8 | 2023-10-20 | CVE-2023-5682 | cve | A vulnerability has been found in Tongda OA 2017 and classified as critical. This vulnerability affects unknown code of the file general/hr/training/record/delete.php. The manip... |
| 9.8 | 2023-10-20 | CVE-2023-34051 | cve | VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted ap... |
| 9.8 | 2023-10-20 | CVE-2020-36706 | cve | The Simple:Press – WordPress Forum Plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ~/admin/resources/jscript/ajaxupload/s... |
| Page(s) : 1 ... 264 265 266 267 268 269 270 271 272 273 [274] 275 276 277 278 279 280 281 282 283 284 ... | Result(s) : 43290 |
