| Page(s) : 1 ... 340 341 342 343 344 345 346 347 348 349 [350] 351 352 353 354 355 356 357 358 359 360 ... | Result(s) : 43290 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2023-06-07 | CVE-2023-34237 | cve | SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in ... |
| 9.1 | 2023-06-07 | CVE-2023-31114 | cve | An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause unintended querying of the SIM ... |
| 9.8 | 2023-06-07 | CVE-2023-31116 | cve | An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. An incorrect default permission can cause unintended querying of RCS capability via a... |
| 9.8 | 2023-06-07 | CVE-2023-33496 | cve | xxl-rpc v1.7.0 was discovered to contain a deserialization vulnerability via the component com.xxl.rpc.core.remoting.net.impl.netty.codec.NettyDecode#decode. |
| 9.8 | 2023-06-07 | CVE-2023-33556 | cve | TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the staticGw parameter at /setting/setWanIeCfg. |
| 9.8 | 2023-06-07 | CVE-2023-20887 | cve | Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a co... |
| 9.8 | 2023-06-07 | CVE-2023-33553 | cve | An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication and escalate privileges to root via manipulation of the LoginStatus cookie. |
| 9.8 | 2023-06-07 | CVE-2020-36705 | cve | The Adning Advertising plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the _ning_upload_image function in versions up to, and... |
| 9.8 | 2023-06-07 | CVE-2020-36728 | cve | The Adning Advertising plugin for WordPress is vulnerable to file deletion via path traversal in versions up to, and including, 1.5.5. This allows unauthenticated attackers to d... |
| 9.8 | 2023-06-07 | CVE-2021-4380 | cve | The Pinterest Automatic plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the 'wp_pinterest_automatic_parse_request' funct... |
| 9.8 | 2023-06-07 | CVE-2023-2186 | cve | On Triangle MicroWorks' SCADA Data Gateway version |
| 9.8 | 2023-06-07 | CVE-2023-30400 | cve | An issue was discovered in Anyka Microelectronics AK3918EV300 MCU v18. A command injection vulnerability in the network configuration script within the MCU's operating syst... |
| 9.8 | 2023-06-07 | CVE-2016-15033 | cve | The Delete All Comments plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the via the delete-all-comments.php file in versions ... |
| 9.8 | 2023-06-07 | CVE-2019-25138 | cve | The User Submitted Posts plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the usp_check_images function in versions up to, and... |
| 9.8 | 2023-06-07 | CVE-2019-25141 | cve | The Easy WP SMTP plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.3.9. This is due to missing capability checks on the admin_init()... |
| 9.8 | 2023-06-07 | CVE-2020-36708 | cve | The following themes for WordPress are vulnerable to Function Injections in versions up to and including Shapely |
| 9.8 | 2023-06-07 | CVE-2020-36713 | cve | The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.1.5. This is due to unrestricted access to the 'register'... |
| 9.8 | 2023-06-07 | CVE-2020-36718 | cve | The GDPR CCPA Compliance Support plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.3 via deserialization of untrusted input "njt_gdp... |
| 9.8 | 2023-06-07 | CVE-2020-36719 | cve | The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Arbitrary Plugin Installation, Activation and Deactivation in versions before 2.6.1. This is ... |
| 9.8 | 2023-06-07 | CVE-2020-36724 | cve | The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.1. This is due to the use of a user supplied hashing algorithm pas... |
| Page(s) : 1 ... 340 341 342 343 344 345 346 347 348 349 [350] 351 352 353 354 355 356 357 358 359 360 ... | Result(s) : 43290 |
