| Page(s) : 1 ... 21 22 23 24 25 26 27 28 29 30 [31] 32 33 34 35 36 37 38 39 40 41 ... | Result(s) : 171851 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.4 | 2020-06-23 | CVE-2020-14073 | cve | XSS exists in PRTG Network Monitor 20.1.56.1574 via crafted map properties. An attacker with Read/Write privileges can create a map, and then use the Map Designer Properties scr... |
| 6.5 | 2020-06-23 | CVE-2020-13157 | cve | modules\users\admin\edit.php in NukeViet 4.4 allows CSRF to change a user's password via an admin/index.php?nv=users&op=edit&userid= URI. The old password is not needed. |
| 6.5 | 2020-06-23 | CVE-2020-13156 | cve | modules\users\admin\add_user.php in NukeViet 4.4 allows CSRF to add a user account via the admin/index.php?nv=users&op=user_add URI. |
| 8.8 | 2020-06-23 | CVE-2020-13155 | cve | clearsystem.php in NukeViet 4.4 allows CSRF with resultant HTML injection via the deltype parameter to the admin/index.php?nv=webtools&op=clearsystem URI. |
| 8.8 | 2020-06-23 | CVE-2020-12033 | cve | In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate supplied identifiers, which could allow an unaut... |
| 9 | 2020-06-23 | CVE-2020-12021 | cve | In OSIsoft PI Web API 2019 Patch 1 (1.12.0.6346) and all previous versions, the affected product is vulnerable to a cross-site scripting attack, which may allow an attacker to r... |
| 7.5 | 2020-06-23 | CVE-2020-7668 | cve | In all versions of the package github.com/unknwon/cae/tz, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading "..... |
| 7.5 | 2020-06-23 | CVE-2020-7664 | cve | In all versions of the package github.com/unknwon/cae/zip, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading ".... |
| 5.3 | 2020-06-23 | CVE-2020-4188 | cve | IBM Security Guardium 10.6 and 11.1 may use insufficiently random numbers or values in a security context that depends on unpredictable numbers. IBM X-Force ID: 174807. |
| 5.9 | 2020-06-23 | CVE-2020-9438 | cve | Tinxy Door Lock with firmware before 3.2 allow attackers to unlock a door by replaying an Unlock request that occurred when the attacker was previously authorized. In other word... |
| 7.8 | 2020-06-23 | CVE-2020-14971 | cve | Pi-hole through 5.0 allows code injection in piholedhcp (the Static DHCP Leases section) by modifying Teleporter backup files and then restoring them. This occurs in settings.ph... |
| 4.8 | 2020-06-23 | CVE-2020-14965 | cve | On TP-Link TL-WR740N v4 and TL-WR740ND v4 devices, an attacker with access to the admin panel can inject HTML code and change the HTML context of the target pages and stations i... |
| 8.8 | 2020-06-23 | CVE-2020-11068 | cve | In LoRaMac-node before 4.4.4, a reception buffer overflow can happen due to the received buffer size not being checked. This has been fixed in 4.4.4. |
| 5.3 | 2020-06-23 | CVE-2020-4028 | cve | Versions before 8.9.1, Various resources in Jira responded with a 404 instead of redirecting unauthenticated users to the login page, in some situations this may have allowed un... |
| 9.8 | 2020-06-23 | CVE-2020-14993 | cve | A stack-based buffer overflow on DrayTek Vigor2960, Vigor3900, and Vigor300B devices before 1.5.1.1 allows remote attackers to execute arbitrary code via the formuserphonenumber... |
| 7.5 | 2020-06-23 | CVE-2020-14940 | cve | An issue was discovered in io/gpx/GPXDocumentReader.java in TuxGuitar 1.5.4. It uses misconfigured XML parsers, leading to XXE while loading GP6 (.gpx) and GP7 (.gp) tablature f... |
| 7.8 | 2020-06-23 | CVE-2020-14939 | cve | An issue was discovered in savestruct_internal.c in FreedroidRPG 1.0rc2. Saved game files are composed of Lua scripts that recover a game's state. A file can be modified to... |
| 9.8 | 2020-06-23 | CVE-2020-14938 | cve | An issue was discovered in map.c in FreedroidRPG 1.0rc2. It assumes lengths of data sets read from saved game files. It copies data from a file into a fixed-size heap-allocated ... |
| 9.8 | 2020-06-23 | CVE-2020-5594 | cve | Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series CPU modules all versions contain a vulnerability that allows cleartext transmission of sensitive information between C... |
| 9.8 | 2020-06-23 | CVE-2020-12782 | cve | Openfind MailGates contains a Command Injection flaw, when receiving email with specific strings, malicious code in the mail attachment will be triggered and gain unauthorized a... |
| Page(s) : 1 ... 21 22 23 24 25 26 27 28 29 30 [31] 32 33 34 35 36 37 38 39 40 41 ... | Result(s) : 171851 |
