| Page(s) : 1 ... 23 24 25 26 27 28 29 30 31 32 [33] 34 35 36 37 38 39 40 41 42 43 ... | Result(s) : 198158 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.5 | 2021-10-13 | CVE-2021-39304 | cve | Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass. |
| 7.5 | 2021-10-13 | CVE-2021-20123 | cve | A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the DownloadFileServlet endpoint. An unauthenticated attacker ... |
| 7.5 | 2021-10-13 | CVE-2021-20124 | cve | A local file inclusion vulnerability exists in Draytek VigorConnect 1.6.0-B3 in the file download functionality of the WebServlet endpoint. An unauthenticated attacker could lev... |
| 9.8 | 2021-10-13 | CVE-2021-20125 | cve | An arbitrary file upload and directory traversal vulnerability exists in the file upload functionality of DownloadFileServlet in Draytek VigorConnect 1.6.0-B3. An unauthenticate... |
| 8.8 | 2021-10-13 | CVE-2021-20126 | cve | Draytek VigorConnect 1.6.0-B3 lacks cross-site request forgery protections and does not sufficiently verify whether a well-formed, valid, consistent request was intentionally pr... |
| 8.1 | 2021-10-13 | CVE-2021-20127 | cve | An arbitrary file deletion vulnerability exists in the file delete functionality of the Html5Servlet endpoint of Draytek VigorConnect 1.6.0-B3. This allows an authenticated user... |
| 5.4 | 2021-10-13 | CVE-2021-20128 | cve | The Profile Name field in the floor plan (Network Menu) page in Draytek VigorConnect 1.6.0-B3 was found to be vulnerable to stored XSS, as user input is not properly sanitized. |
| 7.5 | 2021-10-13 | CVE-2021-20129 | cve | An information disclosure vulnerability exists in Draytek VigorConnect 1.6.0-B3, allowing an unauthenticated attacker to export system logs. |
| 2.7 | 2021-10-13 | CVE-2021-22033 | cve | Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability. |
| 4.3 | 2021-10-13 | CVE-2021-22035 | cve | VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. An authenticated malicious... |
| 6.5 | 2021-10-13 | CVE-2021-22036 | cve | VMware vRealize Orchestrator ((8.x prior to 8.6) contains an open redirect vulnerability due to improper path handling. A malicious actor may be able to redirect victim to an at... |
| 8.1 | 2021-10-13 | CVE-2021-3057 | cve | A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentia... |
| 5.3 | 2021-10-13 | CVE-2021-41138 | cve | Frontier is Substrate's Ethereum compatibility layer. In the newly introduced signed Frontier-specific extrinsic for `pallet-ethereum`, a large part of transaction validati... |
| 9.8 | 2021-10-13 | CVE-2021-35498 | cve | The TIBCO EBX Web Server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX, TIBCO EBX, and TIBCO Product and Service Catalog powered by TIBCO EBX contains a vulnerabi... |
| 6.1 | 2021-10-13 | CVE-2021-40732 | cve | XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer dereference vulnerability that could result in leaking data from certain memory locations and causing a lo... |
| 6.1 | 2021-10-13 | CVE-2021-41139 | cve | Anuko Time Tracker is an open source, web-based time tracking application written in PHP. When a logged on user selects a date in Time Tracker, it is being passed on via the dat... |
| 4.3 | 2021-10-13 | CVE-2021-33609 | cve | Missing check in DataCommunicator class in com.vaadin:vaadin-server versions 8.0.0 through 8.14.0 (Vaadin 8.0.0 through 8.14.0) allows authenticated network attacker to cause he... |
| 8.8 | 2021-10-13 | CVE-2021-20795 | cve | Cross-site request forgery (CSRF) vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to hijack the authentication of adminis... |
| 6.5 | 2021-10-13 | CVE-2021-20796 | cve | Directory traversal vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to upload an arbitrary file via unspecified vect... |
| 5.4 | 2021-10-13 | CVE-2021-20797 | cve | Cross-site script inclusion vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to obtain the information stored in the ... |
| Page(s) : 1 ... 23 24 25 26 27 28 29 30 31 32 [33] 34 35 36 37 38 39 40 41 42 43 ... | Result(s) : 198158 |
