Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ... Result(s) : 171751

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
N/A 2020-07-02 CVE-2020-15503 cve LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(s...
N/A 2020-07-02 CVE-2020-15091 cve TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. This may happen naturally if you start a network, have...
6.1 2020-07-02 CVE-2020-15083 cve In PrestaShop from version 1.7.0.0 and before version 1.7.6.6, if a target sends a corrupted file, it leads to a reflected XSS. The problem is fixed in 1.7.6.6
8.8 2020-07-02 CVE-2020-15082 cve In PrestaShop from version 1.6.0.1 and before version 1.7.6.6, the dashboard allows rewriting all configuration variables. The problem is fixed in 1.7.6.6
5.3 2020-07-02 CVE-2020-15081 cve In PrestaShop from version 1.5.0.0 and before 1.7.6.6, there is information exposure in the upload directory. The problem is fixed in version 1.7.6.6. A possible workaround is t...
N/A 2020-07-02 CVE-2020-15080 cve In PrestaShop from version 1.7.4.0 and before version 1.7.6.6, some files should not be in the release archive, and others should not be accessible. The problem is fixed in vers...
N/A 2020-07-02 CVE-2020-15079 cve In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, there is improper access control in Carrier page, Module Manager and Module Positions. The problem is fixed in ver...
N/A 2020-07-02 CVE-2020-14092 cve The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection.
N/A 2020-07-02 CVE-2020-13653 cve An XSS vulnerability exists in the Webmail component of Zimbra Collaboration Suite before 8.8.15 Patch 11. It allows an attacker to inject executable JavaScript into the account...
N/A 2020-07-02 CVE-2020-12119 cve Ledger Live before 2.7.0 does not handle Bitcoin's Replace-By-Fee (RBF). It increases the user's balance with the value of an unconfirmed transaction as soon as it is ...
5.4 2020-07-02 CVE-2020-11074 cve In PrestaShop from version 1.5.3.0 and before version 1.7.7.6, there is a stored XSS when using the name of a quick access item. The problem is fixed in 1.7.7.6.
N/A 2020-07-02 CVE-2019-20894 cve Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERR_BAD_SSL_CLIENT_AUTH_CERT should have occurred.
N/A 2020-07-02 CVE-2020-9498 cve Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP ...
N/A 2020-07-02 CVE-2020-9497 cve Apache Guacamole 1.1.0 and older do not properly validate datareceived from RDP servers via static virtual channels. If a userconnects to a malicious or compromised RDP server, ...
N/A 2020-07-02 CVE-2020-7821 cve Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by modifying the value of registry...
N/A 2020-07-02 CVE-2020-7820 cve Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by setting the arguments to the vu...
N/A 2020-07-02 CVE-2020-5911 cve In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system.
N/A 2020-07-02 CVE-2020-5910 cve In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authen...
N/A 2020-07-02 CVE-2020-5909 cve In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certif...
N/A 2020-07-02 CVE-2020-3282 cve A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Com...
Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ... Result(s) : 171751