| Page(s) : 1 ... 23 24 25 26 27 28 29 30 31 32 [33] 34 35 36 37 38 39 40 41 42 43 ... | Result(s) : 173115 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.3 | 2020-07-15 | CVE-2020-6165 | cve | SilverStripe 4.5.0 allows attackers to read certain records that should not have been placed into a result set. This affects silverstripe/recipe-cms. The automatic permission-ch... |
| 7.5 | 2020-07-15 | CVE-2020-6164 | cve | In SilverStripe through 4.5.0, a specific URL path configured by default through the silverstripe/framework module can be used to disclose the fact that a domain is hosting a Si... |
| 6.7 | 2020-07-15 | CVE-2020-15780 | cve | An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lo... |
| 7.5 | 2020-07-15 | CVE-2020-15779 | cve | A Path Traversal issue was discovered in the socket.io-file package through 2.0.31 for Node.js. The socket.io-file::createFile message uses path.join with ../ in the name option... |
| 6.1 | 2020-07-15 | CVE-2020-15718 | cve | RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the PrintSchedules.php script. A remote attacker could exploit this vulnerability ... |
| 7.5 | 2020-07-15 | CVE-2020-15603 | cve | An invalid memory read vulnerability in a Trend Micro Secuity 2020 (v16.0.0.1302 and below) consumer family of products' driver could allow an attacker to manipulate the sp... |
| 7.8 | 2020-07-15 | CVE-2020-15602 | cve | An untrusted search path remote code execution (RCE) vulnerability in the Trend Micro Secuity 2020 (v16.0.0.1146 and below) consumer family of products could allow an attacker t... |
| 5.6 | 2020-07-15 | CVE-2020-15366 | cve | An issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2. A carefully crafted JSON schema could be provided that allows execution of other cod... |
| 5.3 | 2020-07-15 | CVE-2020-15107 | cve | In openenclave before 0.10.0, enclaves that use x87 FPU operations are vulnerable to tampering by a malicious host application. By violating the Linux System V Application Binar... |
| 6.1 | 2020-07-15 | CVE-2020-15051 | cve | An issue was discovered in Artica Proxy before 4.30.000000. Stored XSS exists via the Server Domain Name, Your Email Address, Group Name, MYSQL Server, Database, MYSQL Username,... |
| 6.5 | 2020-07-15 | CVE-2020-14982 | cve | A Blind SQL Injection vulnerability in Kronos WebTA 3.8.x and later before 4.0 (affecting the com.threeis.webta.H352premPayRequest servlet's SortBy parameter) allows an att... |
| 8.8 | 2020-07-15 | CVE-2020-14066 | cve | IceWarp Email Server 12.3.0.1 allows remote attackers to upload JavaScript files that are dangerous for clients to access. |
| 6.5 | 2020-07-15 | CVE-2020-14065 | cve | IceWarp Email Server 12.3.0.1 allows remote attackers to upload files and consume disk space. |
| 6.5 | 2020-07-15 | CVE-2020-14064 | cve | IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts. |
| 4.3 | 2020-07-15 | CVE-2020-13788 | cve | Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker with the ability to edit projects can scan ports of hosts accessible on the Harbor server's intranet. |
| 8.8 | 2020-07-15 | CVE-2020-12854 | cve | A remote code execution vulnerability was identified in SecZetta NEProfile 3.3.11. Authenticated remote adversaries can invoke code execution upon uploading a carefully crafted ... |
| 9.8 | 2020-07-15 | CVE-2020-12684 | cve | XXE injection can occur in i-net Clear Reports 2019 19.0.287 (Designer), as used in i-net HelpDesk and other products, when XML input containing a reference to an external entit... |
| 8.8 | 2020-07-15 | CVE-2020-11439 | cve | LibreHealth EMR v2.0.0 is affected by a Local File Inclusion issue allowing arbitrary PHP to be included and executed within the EMR application. |
| 8.8 | 2020-07-15 | CVE-2020-11438 | cve | LibreHealth EMR v2.0.0 is affected by systemic CSRF. |
| 4.3 | 2020-07-15 | CVE-2020-11437 | cve | LibreHealth EMR v2.0.0 is affected by SQL injection allowing low-privilege authenticated users to enumerate the database. |
| Page(s) : 1 ... 23 24 25 26 27 28 29 30 31 32 [33] 34 35 36 37 38 39 40 41 42 43 ... | Result(s) : 173115 |
