| Page(s) : 1 ... 327 328 329 330 331 332 333 334 335 336 [337] 338 339 340 341 342 343 344 345 346 347 ... | Result(s) : 43290 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2023-07-06 | CVE-2023-22844 | cve | An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to authen... |
| 9.8 | 2023-07-06 | CVE-2023-23902 | cve | A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to remote code execution. An ... |
| 9.8 | 2023-07-06 | CVE-2023-29381 | cve | An issue in Zimbra Collaboration (ZCS) v.8.8.15 and v.9.0 allows a remote attacker to escalate privileges and obtain sensitive information via the password and 2FA parameters. |
| 9.8 | 2023-07-06 | CVE-2023-29382 | cve | An issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an attacker to execute arbitrary code via the sfdc_preauth.jsp component. |
| 9.6 | 2023-07-06 | CVE-2023-30319 | cve | Cross Site Scripting (XSS) vulnerability in username field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows att... |
| 9 | 2023-07-06 | CVE-2023-30320 | cve | Cross Site Scripting (XSS) vulnerability in textMessage field in /src/chatbotapp/chatWindow.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows at... |
| 9 | 2023-07-06 | CVE-2023-30321 | cve | Cross Site Scripting (XSS) vulnerability in textMessage field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows ... |
| 9 | 2023-07-06 | CVE-2023-34192 | cve | Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function. |
| 9.8 | 2023-07-06 | CVE-2021-46894 | cve | Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this vulnerability may lead to kernel privilege escalation. |
| 9.8 | 2023-07-06 | CVE-2022-48510 | cve | Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability will cause unauthorized operations. |
| 9.8 | 2023-07-06 | CVE-2022-48511 | cve | Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions. Successful exploitation of this vulnerability may cause audio features to perform abn... |
| 9.8 | 2023-07-06 | CVE-2022-48512 | cve | Use After Free (UAF) vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform abnormally. |
| 9.8 | 2023-07-06 | CVE-2022-48513 | cve | Vulnerability of identity verification being bypassed in the Gallery module. Successful exploitation of this vulnerability may cause out-of-bounds access. |
| 9.1 | 2023-07-06 | CVE-2023-37240 | cve | Vulnerability of missing input length verification in the distributed file system. Successful exploitation of this vulnerability may cause out-of-bounds read. |
| 9.8 | 2023-07-06 | CVE-2023-37242 | cve | Vulnerability of commands from the modem being intercepted in the atcmdserver module. Attackers may exploit this vulnerability to rewrite the non-volatile random-access memory (... |
| 9.1 | 2023-07-06 | CVE-2023-37245 | cve | Buffer overflow vulnerability in the modem pinctrl module. Successful exploitation of this vulnerability may affect the integrity and availability of the modem. |
| 9.8 | 2023-07-06 | CVE-2022-46080 | cve | Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the HTTPD service to enable TELNET. |
| 9.8 | 2023-07-05 | CVE-2023-34338 | cve | AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate. A successful exploit of this vulnerabi... |
| 9.8 | 2023-07-05 | CVE-2023-35924 | cve | GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.8, GLPI inventory endpoint can be used to drive a SQL injection att... |
| 9.8 | 2023-07-05 | CVE-2023-36808 | cve | GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.8, Computer Virtual Machine form and GLPI inventory request can be us... |
| Page(s) : 1 ... 327 328 329 330 331 332 333 334 335 336 [337] 338 339 340 341 342 343 344 345 346 347 ... | Result(s) : 43290 |
