| Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ... | Result(s) : 272245 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2024-04-26 | CVE-2022-48682 | cve | In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a symlink. |
| N/A | 2024-04-26 | CVE-2024-33665 | cve | angular-translate through 2.19.1 allows XSS via a crafted key that is used by the translate directive. NOTE: the vendor indicates that there is no documentation indicating that ... |
| N/A | 2024-04-26 | CVE-2024-33666 | cve | An issue was discovered in Zammad before 6.3.0. Users with customer access to a ticket could have accessed time accounting details of this ticket via the API. This data should b... |
| N/A | 2024-04-26 | CVE-2024-33667 | cve | An issue was discovered in Zammad before 6.3.0. An authenticated agent could perform a remote Denial of Service attack by calling an endpoint that accepts a generic method name,... |
| N/A | 2024-04-26 | CVE-2024-33668 | cve | An issue was discovered in Zammad before 6.3.0. The Zammad Upload Cache uses insecure, partially guessable FormIDs to identify content. An attacker could try to brute force them... |
| N/A | 2024-04-26 | CVE-2024-33669 | cve | An issue was discovered in Passbolt Browser Extension before 4.6.2. It can send multiple requests to HaveIBeenPwned while a password is being typed, which results in an informat... |
| N/A | 2024-04-26 | CVE-2024-33670 | cve | Passbolt API before 4.6.2 allows HTML injection in a URL parameter, resulting in custom content being displayed when a user visits the crafted URL. Although the injected content... |
| N/A | 2024-04-26 | CVE-2024-33671 | cve | An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. The Backup Exec Deduplication Multi-threaded Streaming Agent can be leveraged to perform arbitrary file... |
| N/A | 2024-04-26 | CVE-2024-33672 | cve | An issue was discovered in Veritas NetBackup before 10.4. The Multi-Threaded Agent used in NetBackup can be leveraged to perform arbitrary file deletion on protected files. |
| N/A | 2024-04-26 | CVE-2024-33673 | cve | An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. Improper access controls allow for DLL Hijacking in the Windows DLL Search path. |
| N/A | 2024-04-26 | CVE-2023-47252 | cve | An issue was discovered in PnpSmm in Insyde InsydeH2O with kernel 5.0 through 5.6. There is a possible out-of-bounds access in the SMM communication buffer, leading to tampering... |
| N/A | 2024-04-26 | CVE-2024-31755 | cve | cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c. |
| N/A | 2024-04-26 | CVE-2024-4163 | cve | The Skylab IGX IIoT Gateway allowed users to connect to it via a limited shell terminal (IGX). However, it was discovered that the process was running under root privileges. Thi... |
| N/A | 2024-04-26 | CVE-2024-22632 | cve | Setor Informatica Sistema Inteligente para Laboratorios (S.I.L.) 388 was discovered to contain a remote code execution (RCE) vulnerability via the hmsg parameter. This vulnerabi... |
| N/A | 2024-04-26 | CVE-2024-22633 | cve | Setor Informatica Sistema Inteligente para Laboratorios (S.I.L.) 388 was discovered to contain a remote code execution (RCE) vulnerability via the hprinter parameter. This vulne... |
| N/A | 2024-04-26 | CVE-2024-32404 | cve | Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1, allows remote attackers to execute arbitrary code via a crafted payload to the Markup Sand... |
| N/A | 2024-04-26 | CVE-2024-32406 | cve | Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue... |
| N/A | 2024-04-26 | CVE-2024-3154 | cve | A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an arbitrary annotation may perform an ar... |
| N/A | 2024-04-25 | CVE-2024-31609 | cve | Cross Site Scripting (XSS) vulnerability in BOSSCMS v3.10 allows attackers to run arbitrary code via the header code and footer code fields in code configuration. |
| N/A | 2024-04-25 | CVE-2024-31610 | cve | File Upload vulnerability in the function for employees to upload avatars in Code-Projects Simple School Management System v1.0 allows attackers to run arbitrary code via upload... |
| Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ... | Result(s) : 272245 |
