Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ... Result(s) : 190407

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
N/A 2021-06-18 CVE-2021-34808 cve Server-Side Request Forgery (SSRF) vulnerability in cgi component in Synology Media Server before 1.8.3-2881 allows remote attackers to access intranet resources via unspecified...
N/A 2021-06-18 CVE-2021-34809 cve Improper neutralization of special elements used in a command ('Command Injection') vulnerability in task management component in Synology Download Station before 3.8....
N/A 2021-06-18 CVE-2021-34810 cve Improper privilege management vulnerability in cgi component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to execute arbitrary code via unsp...
N/A 2021-06-18 CVE-2021-34811 cve Server-Side Request Forgery (SSRF) vulnerability in task management component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to access intrane...
N/A 2021-06-18 CVE-2021-34812 cve Use of hard-coded credentials vulnerability in php component in Synology Calendar before 2.4.0-0761 allows remote attackers to obtain sensitive information via unspecified vectors.
N/A 2021-06-17 CVE-2021-32695 cve Nextcloud Android app is the Android client for Nextcloud. In versions prior to 3.16.1, a malicious app on the same device could have gotten access to the shared preferences of ...
N/A 2021-06-17 CVE-2021-32424 cve In TrendNet TW100-S4W1CA 2.3.32, due to a lack of proper session controls, a threat actor could make unauthorized changes to an affected router via a specially crafted web page....
N/A 2021-06-17 CVE-2021-32426 cve In TrendNet TW100-S4W1CA 2.3.32, it is possible to inject arbitrary JavaScript into the router's web interface via the "echo" command.
N/A 2021-06-17 CVE-2021-32694 cve Nextcloud Android app is the Android client for Nextcloud. In versions prior to 3.15.1, a malicious application on the same device is possible to crash the Nextcloud Android Cli...
N/A 2021-06-17 CVE-2021-32693 cve Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with ...
N/A 2021-06-17 CVE-2020-36388 cve In CiviCRM before 5.21.3 and 5.22.x through 5.24.x before 5.24.3, users may be able to upload and execute a crafted PHAR archive.
N/A 2021-06-17 CVE-2020-36389 cve In CiviCRM before 5.28.1 and CiviCRM ESR before 5.27.5 ESR, the CKEditor configuration form allows CSRF.
N/A 2021-06-17 CVE-2021-32575 cve HashiCorp Nomad and Nomad Enterprise up to version 1.0.4 bridge networking mode allows ARP spoofing from other bridged tasks on the same node. Fixed in 0.12.12, 1.0.5, and 1.1.0...
N/A 2021-06-17 CVE-2021-33557 cve An XSS issue was discovered in manage_custom_field_edit_page.php in MantisBT before 2.25.2. Unescaped output of the return parameter allows an attacker to inject code into a hid...
N/A 2021-06-17 CVE-2021-31818 cve Affected versions of Octopus Server are prone to an authenticated SQL injection vulnerability in the Events REST API because user supplied data in the API request isn’t paramete...
N/A 2021-06-17 CVE-2021-34825 cve Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system.
N/A 2021-06-17 CVE-2020-25414 cve A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code.
N/A 2021-06-17 CVE-2021-32078 cve An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/personal-pci.c in the Linux kernel through 5.12.11 because of the lack of a check for a value that shouldn'...
N/A 2021-06-17 CVE-2013-20002 cve Elemin allows remote attackers to upload and execute arbitrary PHP code via the Themify framework (before 1.2.2) wp-content/themes/elemin/themify/themify-ajax.php file.
N/A 2021-06-17 CVE-2020-19202 cve An authenticated Stored XSS (Cross-site Scripting) exists in the "captive.cgi" Captive Portal via the "Title of Login Page" text box or "TITLE" parameter in IPFire 2.21 (x86_64)...
Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ... Result(s) : 190407