Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 266 267 268 269 270 271 272 273 274 275 [276] 277 278 279 280 281 282 283 284 285 286 ... Result(s) : 43290

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
9.8 2023-10-19 CVE-2022-47583 cve Terminal character injection in Mintty before 3.6.3 allows code execution via unescaped output to the terminal.
9.1 2023-10-19 CVE-2023-45278 cve Directory Traversal vulnerability in the storage functionality of the API in Yamcs 5.8.6 allows attackers to delete arbitrary files via crafted HTTP DELETE request.
9.6 2023-10-19 CVE-2022-37830 cve Interway a.s WebJET CMS 8.6.896 is vulnerable to Cross Site Scripting (XSS).
9.8 2023-10-19 CVE-2023-45379 cve In the module "Rotator Img" (posrotatorimg) in versions at least up to 1.1 from PosThemes for PrestaShop, a guest can perform SQL injection.
9.8 2023-10-19 CVE-2023-45384 cve KnowBand supercheckout > 5.0.7 and < 6.0.7 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the module "Module One Page Checkout, Social Login & Mailchimp" (...
9.8 2023-10-19 CVE-2023-37503 cve HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the password and gain access to user accounts.
10 2023-10-18 CVE-2023-45146 cve XXL-RPC is a high performance, distributed RPC framework. With it, a TCP server can be set up using the Netty framework and the Hessian serialization mechanism. When such a conf...
9.8 2023-10-18 CVE-2023-45911 cve An issue in WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 allows unauthenticated attackers to login as any user without a password.
9.8 2023-10-18 CVE-2023-4601 cve A stack-based buffer overflow vulnerability exists in NI System Configuration that could result in information disclosure and/or arbitrary code execution. Successful exploitatio...
9.8 2023-10-18 CVE-2023-5642 cve Advantech R-SeeNet v2.4.23 allows an unauthenticated remote attacker to read from and write to the snmpmon.ini file, which contains sensitive information.
9.8 2023-10-18 CVE-2023-46005 cve Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_branch.php.
9.8 2023-10-18 CVE-2023-46006 cve Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_user.php.
9.8 2023-10-18 CVE-2023-46007 cve Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_staff.php.
9.8 2023-10-18 CVE-2023-35084 cve Unsafe Deserialization of User Input could lead to Execution of Unauthorized Operations in Ivanti Endpoint Manager 2022 su3 and all previous versions, which could allow an attac...
9.8 2023-10-18 CVE-2023-38545 cve This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the...
9.8 2023-10-18 CVE-2023-39332 cve Various `node:fs` functions allow specifying paths as either strings or `Uint8Array` objects. In Node.js environments, the `Buffer` class extends the `Uint8Array` class. Node.js...
9.8 2023-10-17 CVE-2023-41630 cve eSST Monitoring v2.147.1 was discovered to contain a remote code execution (RCE) vulnerability via the Gii code generator component.
9.8 2023-10-17 CVE-2023-45951 cve lylme_spage v1.7.0 was discovered to contain a SQL injection vulnerability via the $userip parameter at function.php.
9.8 2023-10-17 CVE-2023-45952 cve An arbitrary file upload vulnerability in the component ajax_link.php of lylme_spage v1.7.0 allows attackers to execute arbitrary code via uploading a crafted file.
9.8 2023-10-17 CVE-2023-27132 cve TSplus Remote Work 16.0.0.0 places a cleartext password on the "var pass" line of the HTML source code for the secure single sign-on web portal. NOTE: CVE-2023-31069 is only abo...
Page(s) : 1 ... 266 267 268 269 270 271 272 273 274 275 [276] 277 278 279 280 281 282 283 284 285 286 ... Result(s) : 43290