Page(s) : 1 ... 19 20 21 22 23 24 25 26 27 28 [29] 30 31 32 33 34 35 36 37 38 39 ... Result(s) : 177074

Alerts Feed Alerts

SEVERITY DATE NAME CATEGORIES DETAIL
7.5 2020-10-16 CVE-2020-4254 cve IBM Security Guardium Big Data Intelligence 1.0 (SonarG) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information....
N/A 2020-10-16 CVE-2020-3991 cve VMware Horizon Client for Windows (5.x before 5.5.0) contains a denial-of-service vulnerability due to a file system access control issue during install time. Successful exploit...
N/A 2020-10-16 CVE-2020-27178 cve Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4, and 6.3.x before 6.3.0-RC4 mishandles secret keys with Google Authenticator for multifactor authentication.
N/A 2020-10-16 CVE-2020-26944 cve An issue was discovered in Aptean Product Configurator 4.61.0000 on Windows. A time-based SQL injection affects the nameTxt parameter on the main login page (aka cse?cmd=LOGIN)....
8.8 2020-10-16 CVE-2020-26682 cve In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow.
5.4 2020-10-16 CVE-2020-26672 cve Testimonial Rotator WordPress Plugin 3.0.2 is affected by Cross Site Scripting (XSS) in /wp-admin/post.php. If a user intercepts a request and inserts a payload in "cite" parame...
N/A 2020-10-16 CVE-2020-24408 cve Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by a persistent XSS vulnerability that allows users to upload malicious JavaScript via the file upload component. T...
6.1 2020-10-16 CVE-2020-16270 cve OLIMPOKS under 3.3.39 allows Auth/Admin ErrorMessage XSS. A remote attacker can use the discovered vulnerability to inject a malicious JavaScript payload into the victim’s browsers in context...
7.2 2020-10-16 CVE-2020-15867 cve The git hook feature in Gogs 0.5.5 through 0.12.2 allows for authenticated remote code execution.
N/A 2020-10-16 CVE-2020-15258 cve In Wire before 3.20.x, `shell.openExternal` was used without checking the URL. This vulnerability allows an attacker to execute code on the victim's machine by sending messages c...
N/A 2020-10-16 CVE-2020-15255 cve In Anuko Time Tracker before version 1.19.23.5325, due to not properly filtered user input a CSV export of a report could contain cells that are treated as formulas by spreadshee...
N/A 2020-10-16 CVE-2020-15254 cve Crossbeam is a set of tools for concurrent programming. In crossbeam-channel before version 0.4.4, the bounded channel incorrectly assumes that `Vec::from_iter` has allocated ca...
N/A 2020-10-16 CVE-2020-15252 cve In XWiki before version 12.5 and 11.10.6, any user with SCRIPT right (EDIT right before XWiki 7.4) can gain access to the application server Servlet context which contains tools...
N/A 2020-10-16 CVE-2020-15157 cve In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format o...
N/A 2020-10-16 CVE-2020-14299 cve A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded...
7.2 2020-10-16 CVE-2020-14144 cve ** DISPUTED ** The git hook feature in Gitea 1.1.0 through 1.12.5 allows for authenticated remote code execution. NOTE: The vendor has indicated this is not a vulnerability and ...
7.8 2020-10-16 CVE-2020-26893 cve An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed copy of ClamXAV 2 (running with an injected malicious dylib) to communicate with...
N/A 2020-10-16 CVE-2019-19885 cve In Bender COMTRAXX, user authorization is validated for most, but not all, routes in the system. A user with knowledge about the routes can read and write configuration data wit...
N/A 2020-10-16 CVE-2019-19513 cve The BASSMIDI plugin 2.4.12.1 for Un4seen BASS Audio Library on Windows is prone to an out of bounds write vulnerability. An attacker may exploit this to execute code on the targ...
N/A 2020-10-16 CVE-2019-18796 cve The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile Denial of Service vulnerability (infinite loop) via a crafted .mp3 file. This weakness could allo...