Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 21 22 23 24 25 26 27 28 29 30 [31] 32 33 34 35 36 37 38 39 40 41 ... Result(s) : 198158

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
7.5 2021-10-14 CVE-2021-42340 cve The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduce...
7.5 2021-10-14 CVE-2020-19954 cve An XML External Entity (XXE) vulnerability was discovered in /api/notify.php in S-CMS 3.0 which allows attackers to read arbitrary files.
7.5 2021-10-14 CVE-2020-19957 cve A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the id parameter on the /dl/dl_print.php page.
7.5 2021-10-14 CVE-2020-19959 cve A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dl_sendmail.php page...
7.5 2021-10-14 CVE-2020-19960 cve A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dl_sendsms.php page ...
7.5 2021-10-14 CVE-2020-19961 cve A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the component subzs.php.
5.4 2021-10-14 CVE-2020-19962 cve A stored cross-site scripting (XSS) vulnerability in the getClientIp function in /lib/tinwin.class.php of Chaoji CMS 2.39, allows attackers to execute arbitrary web scripts.
6.5 2021-10-14 CVE-2020-19964 cve A Cross Site Request Forgery (CSRF) vulnerability was discovered in PHPMyWind 5.6 which allows attackers to create a new administrator account without authentication.
7.5 2021-10-14 CVE-2021-20599 cve Authorization bypass through user-controlled key vulnerability in MELSEC iQ-R series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R series SIL2 Process CPU R08/16/32...
6.1 2021-10-14 CVE-2021-22963 cve A redirect vulnerability in the fastify-static module version < 4.2.4 allows remote attackers to redirect users to arbitrary websites via a double slash // followed by a domain:...
8.8 2021-10-14 CVE-2021-22964 cve A redirect vulnerability in the `fastify-static` module version >= 4.2.4 and < 4.4.1 allows remote attackers to redirect Mozilla Firefox users to arbitrary websites via a double...
8.8 2021-10-14 CVE-2021-33177 cve The Bulk Modifications functionality in Nagios XI versions prior to 5.8.5 is vulnerable to SQL injection. Exploitation requires the malicious actor to be authenticated to the vu...
6.5 2021-10-14 CVE-2021-33178 cve The Manage Backgrounds functionality within Nagvis versions prior to 2.0.9 is vulnerable to an authenticated path traversal vulnerability. Exploitation of this results in a mali...
6.1 2021-10-14 CVE-2021-33179 cve The general user interface in Nagios XI versions prior to 5.8.4 is vulnerable to authenticated reflected cross-site scripting. An authenticated victim, who accesses a specially ...
7.5 2021-10-14 CVE-2021-37933 cve An LDAP injection vulnerability in /account/login in Huntflow Enterprise before 3.10.6 could allow an unauthenticated, remote user to modify the logic of an LDAP query and bypas...
5.4 2021-10-14 CVE-2021-38344 cve The Brizy Page Builder plugin
6.5 2021-10-14 CVE-2021-38345 cve The Brizy Page Builder plugin
8.8 2021-10-14 CVE-2021-38346 cve The Brizy Page Builder plugin
4.8 2021-10-14 CVE-2021-39330 cve The Formidable Form Builder WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization found in the ~/classes/helpers/Fr...
6.1 2021-10-14 CVE-2021-41132 cve OMERO.web provides a web based client and plugin infrastructure. In versions prior to 5.11.0, a variety of templates do not perform proper sanitization through HTML escaping. Du...
Page(s) : 1 ... 21 22 23 24 25 26 27 28 29 30 [31] 32 33 34 35 36 37 38 39 40 41 ... Result(s) : 198158