Page(s) : 1 ... 290 291 292 293 294 295 296 297 298 299 [300] 301 302 303 304 305 306 307 308 309 310 ... | Result(s) : 43290 |
Alerts
SCORE | DATE | NAME | CATEGORIES | DETAIL |
---|---|---|---|---|
9.8 | 2023-09-07 | CVE-2023-39422 | cve | The /irmdata/api/ endpoints exposed by the IRM Next Generation booking engine authenticate requests using HMAC tokens. These tokens are however exposed in a JavaScript file loa... |
9.1 | 2023-09-07 | CVE-2023-39423 | cve | The RDPData.dll file exposes the /irmdata/api/common endpoint that handles session IDs, among other features. By using a UNION SQL operator, an attacker can leak the sessions t... |
9.8 | 2023-09-06 | CVE-2023-0925 | cve | Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which hosts a Java RMI registry (listening on TCP port 2099 by default) and two RMI inter... |
9.8 | 2023-09-06 | CVE-2023-20238 | cve | A vulnerability in the single sign-on (SSO) implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauth... |
9.1 | 2023-09-06 | CVE-2023-20269 | cve | A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthentic... |
9.8 | 2023-09-06 | CVE-2023-41330 | cve | knplabs/knp-snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. ## Issue On March 17th the vulnerability CVE-2023-28115 was disclo... |
9.8 | 2023-09-06 | CVE-2020-10131 | cve | SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results" parameter. |
9.8 | 2023-09-06 | CVE-2023-23623 | cve | Electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. A Content-Security-Policy that disables eval, specifically setti... |
10 | 2023-09-06 | CVE-2023-39967 | cve | WireMock is a tool for mocking HTTP services. When certain request URLs like "@127.0.0.1:1234" are used in WireMock Studio configuration fields, the request might be forwarded t... |
9.8 | 2023-09-06 | CVE-2023-40397 | cve | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause arbitrary javascript code execution. |
9.8 | 2023-09-06 | CVE-2023-41149 | cve | F-RevoCRM version 7.3.7 and version 7.3.8 contain an OS command injection vulnerability. If this vulnerability is exploited, an attacker who can access the product may execute an... |
9.8 | 2023-09-06 | CVE-2023-4485 | cve | ARDEREG Sistema SCADA Central versions 2.203 and prior login page are vulnerable to an unauthenticated blind SQL injection attack. An attacker could manipulate the application... |
9.8 | 2023-09-06 | CVE-2023-30723 | cve | Improper input validation vulnerability in Samsung Health prior to version 6.24.2.011 allows attackers to write arbitrary file with Samsung Health privilege. |
9.8 | 2023-09-05 | CVE-2023-41507 | cve | Super Store Finder v3.6 was discovered to contain multiple SQL injection vulnerabilities in the store locator component via the products, distance, lat, and lng parameters. |
9.8 | 2023-09-05 | CVE-2017-9453 | cve | BMC Server Automation before 8.9.01 patch 1 allows Process Spawner command execution because of authentication bypass. |
9.8 | 2023-09-05 | CVE-2023-39681 | cve | Cuppa CMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the email_outgoing parameter at /Configuration.php. This vulnerability is triggered via ... |
9.8 | 2023-09-05 | CVE-2023-3616 | cve | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mava Software Hotel Management System allows SQL Injection. This i... |
9.8 | 2023-09-05 | CVE-2023-39654 | cve | abupy up to v0.4.0 was discovered to contain a SQL injection vulnerability via the component abupy.MarketBu.ABuSymbol.search_to_symbol_dict. |
9.8 | 2023-09-05 | CVE-2023-41009 | cve | File Upload vulnerability in adlered bolo-solo v.2.6 allows a remote attacker to execute arbitrary code via a crafted script to the authorization field in the header. |
9.8 | 2023-09-05 | CVE-2023-39361 | cve | Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users c... |