| Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ... | Result(s) : 171751 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2020-07-02 | CVE-2020-15503 | cve | LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(s... |
| N/A | 2020-07-02 | CVE-2020-15091 | cve | TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. This may happen naturally if you start a network, have... |
| 6.1 | 2020-07-02 | CVE-2020-15083 | cve | In PrestaShop from version 1.7.0.0 and before version 1.7.6.6, if a target sends a corrupted file, it leads to a reflected XSS. The problem is fixed in 1.7.6.6 |
| 8.8 | 2020-07-02 | CVE-2020-15082 | cve | In PrestaShop from version 1.6.0.1 and before version 1.7.6.6, the dashboard allows rewriting all configuration variables. The problem is fixed in 1.7.6.6 |
| 5.3 | 2020-07-02 | CVE-2020-15081 | cve | In PrestaShop from version 1.5.0.0 and before 1.7.6.6, there is information exposure in the upload directory. The problem is fixed in version 1.7.6.6. A possible workaround is t... |
| N/A | 2020-07-02 | CVE-2020-15080 | cve | In PrestaShop from version 1.7.4.0 and before version 1.7.6.6, some files should not be in the release archive, and others should not be accessible. The problem is fixed in vers... |
| N/A | 2020-07-02 | CVE-2020-15079 | cve | In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, there is improper access control in Carrier page, Module Manager and Module Positions. The problem is fixed in ver... |
| N/A | 2020-07-02 | CVE-2020-14092 | cve | The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection. |
| N/A | 2020-07-02 | CVE-2020-13653 | cve | An XSS vulnerability exists in the Webmail component of Zimbra Collaboration Suite before 8.8.15 Patch 11. It allows an attacker to inject executable JavaScript into the account... |
| N/A | 2020-07-02 | CVE-2020-12119 | cve | Ledger Live before 2.7.0 does not handle Bitcoin's Replace-By-Fee (RBF). It increases the user's balance with the value of an unconfirmed transaction as soon as it is ... |
| 5.4 | 2020-07-02 | CVE-2020-11074 | cve | In PrestaShop from version 1.5.3.0 and before version 1.7.7.6, there is a stored XSS when using the name of a quick access item. The problem is fixed in 1.7.7.6. |
| N/A | 2020-07-02 | CVE-2019-20894 | cve | Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERR_BAD_SSL_CLIENT_AUTH_CERT should have occurred. |
| N/A | 2020-07-02 | CVE-2020-9498 | cve | Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP ... |
| N/A | 2020-07-02 | CVE-2020-9497 | cve | Apache Guacamole 1.1.0 and older do not properly validate datareceived from RDP servers via static virtual channels. If a userconnects to a malicious or compromised RDP server, ... |
| N/A | 2020-07-02 | CVE-2020-7821 | cve | Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by modifying the value of registry... |
| N/A | 2020-07-02 | CVE-2020-7820 | cve | Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by setting the arguments to the vu... |
| N/A | 2020-07-02 | CVE-2020-5911 | cve | In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system. |
| N/A | 2020-07-02 | CVE-2020-5910 | cve | In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authen... |
| N/A | 2020-07-02 | CVE-2020-5909 | cve | In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certif... |
| N/A | 2020-07-02 | CVE-2020-3282 | cve | A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Com... |
| Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ... | Result(s) : 171751 |
