| Page(s) : 1 ... 265 266 267 268 269 270 271 272 273 274 [275] 276 277 278 279 280 281 282 283 284 285 ... | Result(s) : 43290 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2023-10-20 | CVE-2023-39680 | cve | Sollace Unicopia version 1.1.1 and before was discovered to deserialize untrusted data, allowing attackers to execute arbitrary code. |
| 9.8 | 2023-10-20 | CVE-2023-4402 | cve | The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 4.2.0 via deserialization of untrusted input in the get_product... |
| 9.8 | 2023-10-20 | CVE-2023-4488 | cve | The Dropbox Folder Share for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.9.7 via the editor-view.php file. This allows unauthenticated at... |
| 9.3 | 2023-10-20 | CVE-2023-5576 | cve | The Migration, Backup, Staging - WPvivid plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 0.9.91 via Google Drive API secre... |
| 9.8 | 2023-10-20 | CVE-2023-5533 | cve | The AI ChatBot plugin for WordPress is vulnerable to unauthorized use of AJAX actions due to missing capability checks on the corresponding functions in versions up to, and incl... |
| 9.6 | 2023-10-19 | CVE-2023-41895 | cve | Home assistant is an open source home automation. The Home Assistant login page allows users to use their local Home Assistant credentials and log in to another website that spe... |
| 9 | 2023-10-19 | CVE-2023-41896 | cve | Home assistant is an open source home automation. Whilst auditing the frontend code to identify hidden parameters, Cure53 detected `auth_callback=1`, which is leveraged by the W... |
| 9.6 | 2023-10-19 | CVE-2023-41897 | cve | Home assistant is an open source home automation. Home Assistant server does not set any HTTP security headers, including the X-Frame-Options header, which specifies whether the... |
| 9.8 | 2023-10-19 | CVE-2023-43986 | cve | DM Concept configurator before v4.9.4 was discovered to contain a SQL injection vulnerability via the component ConfiguratorAttachment::getAttachmentByToken. |
| 9.8 | 2023-10-19 | CVE-2023-45381 | cve | In the module "Creative Popup" (creativepopup) up to version 1.6.9 from WebshopWorks for PrestaShop, a guest can perform SQL injection via `cp_download_popup().` |
| 9.6 | 2023-10-19 | CVE-2023-45992 | cve | A vulnerability in the web-based interface of the RUCKUS Cloudpath product on version 5.12 build 5538 or before to could allow a remote, unauthenticated attacker to execute pers... |
| 10 | 2023-10-19 | CVE-2022-42150 | cve | TinyLab linux-lab v1.1-rc1 and cloud-labv0.8-rc2, v1.1-rc1 are vulnerable to insecure permissions. The default configuration could cause Container Escape. |
| 9.8 | 2023-10-19 | CVE-2023-38584 | cve | In Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control... |
| 9.8 | 2023-10-19 | CVE-2023-43492 | cve | In Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control ... |
| 9.8 | 2023-10-19 | CVE-2023-45376 | cve | In the module "Carousels Pack - Instagram, Products, Brands, Supplier" (hicarouselspack) for PrestaShop up to version 1.5.0 from HiPresta for PrestaShop, a guest can perform SQL... |
| 9.8 | 2023-10-19 | CVE-2023-30131 | cve | An issue discovered in IXP EasyInstall 6.6.14884.0 allows attackers to run arbitrary commands, gain escalated privilege, and cause other unspecified impacts via unauthenticated ... |
| 9.8 | 2023-10-19 | CVE-2023-35182 | cve | The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability can be abused by unauthenticated users on SolarWinds ARM Server. |
| 9.8 | 2023-10-19 | CVE-2023-35184 | cve | The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse a SolarWinds service resu... |
| 9.8 | 2023-10-19 | CVE-2023-35187 | cve | The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability allows an unauthenticated user to achieve the Remote ... |
| 9.8 | 2023-10-19 | CVE-2023-46042 | cve | An issue in GetSimpleCMS v.3.4.0a allows a remote attacker to execute arbitrary code via a crafted payload to the phpinfo(). |
| Page(s) : 1 ... 265 266 267 268 269 270 271 272 273 274 [275] 276 277 278 279 280 281 282 283 284 285 ... | Result(s) : 43290 |
