Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 326 327 328 329 330 331 332 333 334 335 [336] 337 338 339 340 341 342 343 344 345 346 ... Result(s) : 43290

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
9.8 2023-07-07 CVE-2023-37171 cve TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the admuser parameter in the setPasswordCfg function.
9.8 2023-07-07 CVE-2023-37172 cve TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDiagnosisCfg function.
9.8 2023-07-07 CVE-2023-37173 cve TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the command parameter in the setTracerouteCfg function.
9.8 2023-07-07 CVE-2023-37144 cve Tenda AC10 v15.03.06.26 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac.
9.8 2023-07-07 CVE-2023-37145 cve TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the hostname parameter in the setOpModeCfg function.
9.8 2023-07-07 CVE-2023-37146 cve TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function.
9.8 2023-07-07 CVE-2023-37148 cve TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the ussd parameter in the setUssd function.
9.8 2023-07-07 CVE-2023-37149 cve TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadSetting function.
9.8 2023-07-07 CVE-2023-27845 cve SQL injection vulnerability found in PrestaShop lekerawen_ocs before v.1.4.1 allow a remote attacker to gain privileges via the KerawenHelper::setCartOperationInfo, and KerawenH...
9.8 2023-07-07 CVE-2023-34433 cve PiiGAB M-Bus stores passwords using a weak hash algorithm.
9.8 2023-07-07 CVE-2023-34995 cve There are no requirements for setting a complex password for PiiGAB M-Bus, which could contribute to a successful brute force attack if the password is inline wit...
9.8 2023-07-06 CVE-2023-33868 cve The number of login attempts is not limited. This could allow an attacker to perform a brute force on HTTP basic authentication.
9.8 2023-07-06 CVE-2023-35987 cve PiiGAB M-Bus contains hard-coded credentials which it uses for authentication.
9.8 2023-07-06 CVE-2023-36859 cve PiiGAB M-Bus SoftwarePack 900S does not correctly sanitize user input, which could allow an attacker to inject arbitrary commands.
9.8 2023-07-06 CVE-2023-3528 cve A vulnerability was found in ThinuTech ThinuCMS 1.5. It has been rated as critical. Affected by this issue is some unknown functionality of the file /category.php. The manipulat...
9.9 2023-07-06 CVE-2023-36460 cve Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 3.5.0 and prior to versions 3.5.9, 4.0.5, and 4.1.3, attackers using carefully cr...
9.8 2023-07-06 CVE-2023-29824 cve A use-after-free issue was discovered in Py_FindObjects() function in SciPy versions prior to 1.8.0. NOTE: the vendor and discoverer indicate that this is not a security issue.
9.8 2023-07-06 CVE-2020-22336 cve An issue was discovered in pdfcrack 0.17 thru 0.18, allows attackers to execute arbitrary code via a stack overflow in the MD5 function.
9.8 2023-07-06 CVE-2023-36188 cve An issue in langchain v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method.
9.8 2023-07-06 CVE-2023-22319 cve A sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to authentication by...
Page(s) : 1 ... 326 327 328 329 330 331 332 333 334 335 [336] 337 338 339 340 341 342 343 344 345 346 ... Result(s) : 43290