| Page(s) : 1 ... 303 304 305 306 307 308 309 310 311 312 [313] 314 315 316 317 318 319 320 321 322 323 ... | Result(s) : 43290 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2023-08-15 | CVE-2023-4341 | cve | Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI |
| 9.8 | 2023-08-15 | CVE-2023-4342 | cve | Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy |
| 9.8 | 2023-08-15 | CVE-2023-4344 | cve | Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection |
| 9.8 | 2023-08-15 | CVE-2023-38864 | cve | An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the protal_delete_picname parameter in the sub_41171C function at bin/webmgnt. |
| 9.8 | 2023-08-15 | CVE-2023-38866 | cve | COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_415588. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands in... |
| 9.8 | 2023-08-15 | CVE-2023-39852 | cve | Doctormms v1.0 was discovered to contain a SQL injection vulnerability via the $userid parameter at myAppoinment.php. NOTE: this is disputed by a third party who claims that the... |
| 9.8 | 2023-08-15 | CVE-2023-35082 | cve | An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users to access restricted functionality or resources of the application without prope... |
| 9.8 | 2023-08-15 | CVE-2023-38860 | cve | An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter. |
| 9.8 | 2023-08-15 | CVE-2023-38889 | cve | An issue in Alluxio v.2.9.3 and before allows an attacker to execute arbitrary code via a crafted script to the username parameter of lluxio.util.CommonUtils.getUnixGroups(java.... |
| 9.8 | 2023-08-15 | CVE-2023-38896 | cve | An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the from_math_prompt and from_colored_object_prompt functions. |
| 9.8 | 2023-08-15 | CVE-2023-38915 | cve | File Upload vulnerability in Wolf-leo EasyAdmin8 v.1.0 allows a remote attacker to execute arbtirary code via the upload type function. |
| 9.8 | 2023-08-15 | CVE-2023-39659 | cve | An issue in langchain langchain-ai v.0.0.232 and before allows a remote attacker to execute arbitrary code via a crafted script to the PythonAstREPLTool._run component. |
| 9.8 | 2023-08-15 | CVE-2023-39661 | cve | An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function. |
| 9.8 | 2023-08-15 | CVE-2023-39662 | cve | An issue in llama_index v.0.7.13 and before allows a remote attacker to execute arbitrary code via the `exec` parameter in PandasQueryEngine function. |
| 9.8 | 2023-08-14 | CVE-2023-21287 | cve | In multiple locations, there is a possible code execution due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User in... |
| 9.8 | 2023-08-14 | CVE-2023-32748 | cve | The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could allow an unauthenticated attacker with internal network access to execute arbitrary... |
| 9.8 | 2023-08-14 | CVE-2023-29468 | cve | The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that can be parsed in a ma... |
| 9.8 | 2023-08-14 | CVE-2023-39292 | cve | A SQL Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to access sensitive information a... |
| 9.8 | 2023-08-14 | CVE-2023-39293 | cve | A Command Injection vulnerability has been identified in the MiVoice Office 400 SMB Controller through 1.2.5.23 which could allow a malicious actor to execute arbitrary commands... |
| 9.8 | 2023-08-14 | CVE-2023-3435 | cve | The User Activity Log WordPress plugin before 1.6.5 does not correctly sanitise and escape several parameters before using it in a SQL statement as part of its exportation featu... |
| Page(s) : 1 ... 303 304 305 306 307 308 309 310 311 312 [313] 314 315 316 317 318 319 320 321 322 323 ... | Result(s) : 43290 |
