Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 269 270 271 272 273 274 275 276 277 278 [279] 280 281 282 283 284 285 286 287 288 289 ... Result(s) : 43290

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
9.8 2023-10-14 CVE-2023-45856 cve qdPM 9.2 allows remote code execution by using the Add Attachments feature of Edit Project to upload a .php file to the /uploads URI.
9.8 2023-10-14 CVE-2023-45852 cve In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr ...
9.8 2023-10-14 CVE-2023-45853 cve MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZ...
9.8 2023-10-14 CVE-2023-30154 cve Multiple improper neutralization of SQL parameters in module AfterMail (aftermailpresta) for PrestaShop, before version 2.2.1, allows remote attackers to perform SQL injection a...
9.8 2023-10-13 CVE-2023-4257 cve Unchecked user input length in /subsys/net/l2/wifi/wifi_shell.c can cause buffer overflows.
9.8 2023-10-13 CVE-2023-5572 cve Server-Side Request Forgery (SSRF) in GitHub repository vriteio/vrite prior to 0.3.0.
9.1 2023-10-13 CVE-2023-29464 cve FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat actor to read data from memory via crafted malicious packets. Sending a size large...
9.8 2023-10-13 CVE-2023-45162 cve Affected 1E Platform versions have a Blind SQL Injection vulnerability that can lead to arbitrary code execution.  Application of the relevant hotfix remediates this issue. fo...
9.8 2023-10-13 CVE-2023-45465 cve Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ddnsDomainName parameter in the Dynamic DNS settings.
9.8 2023-10-13 CVE-2023-45466 cve Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the pin_host parameter in the WPS Settings.
9.8 2023-10-13 CVE-2023-45467 cve Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ntpServIP parameter in the Time Settings.
9.1 2023-10-13 CVE-2023-4562 cve Improper Authentication vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules allows a remote unauthenticated attacker to obtain sequence programs from t...
9.8 2023-10-12 CVE-2023-41262 cve An issue was discovered in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer before 19.3.1. The csvExportReport endpoint action generateCSV is vulnerable to SQL injection through the ...
9.6 2023-10-12 CVE-2023-45138 cve Change Request is an pplication allowing users to request changes on a wiki without publishing the changes directly. Starting in version 0.11 and prior to version 1.9.2, it'...
9.8 2023-10-12 CVE-2023-5554 cve Lack of TLS certificate verification in log transmission of a financial module within LINE Client for iOS prior to 13.16.0.
9.8 2023-10-12 CVE-2023-23737 cve Unauth. SQL Injection (SQLi) vulnerability in MainWP MainWP Broken Links Checker Extension plugin
9.8 2023-10-12 CVE-2023-40833 cve An issue in Thecosy IceCMS v.1.0.0 allows a remote attacker to gain privileges via the Id and key parameters in getCosSetting.
9.1 2023-10-12 CVE-2023-32723 cve Request to LDAP is sent before user permissions are checked.
9.8 2023-10-12 CVE-2023-29453 cve Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If...
9.8 2023-10-11 CVE-2023-35646 cve In TBD of TBD, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. ...
Page(s) : 1 ... 269 270 271 272 273 274 275 276 277 278 [279] 280 281 282 283 284 285 286 287 288 289 ... Result(s) : 43290