| Page(s) : 1 ... 362 363 364 365 366 367 368 369 370 371 [372] 373 374 375 376 377 378 379 380 381 382 ... | Result(s) : 43290 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2023-04-26 | CVE-2020-36070 | cve | Insecure Permission vulnerability found in Yoyager v.1.4 and before allows a remote attacker to execute arbitrary code via a crafted .php file to the media component. |
| 9.8 | 2023-04-26 | CVE-2023-30280 | cve | Buffer Overflow vulnerability found in Netgear R6900 v.1.0.2.26, R6700v3 v.1.0.4.128, R6700 v.1.0.0.26 allows a remote attacker to execute arbitrary code and cause a denial ofse... |
| 9.8 | 2023-04-26 | CVE-2023-30363 | cve | vConsole v3.15.0 was discovered to contain a prototype pollution due to incorrect key and value resolution in setOptions in core.ts. |
| 9.8 | 2023-04-26 | CVE-2023-30845 | cve | ESPv2 is a service proxy that provides API management capabilities using Google Service Infrastructure. ESPv2 2.20.0 through 2.42.0 contains an authentication bypass vulnerabili... |
| 9.8 | 2023-04-26 | CVE-2022-39989 | cve | An issue was discovered in Fighting Cock Information System 1.0, which uses default credentials, but does not force nor prompt the administrators to change the credentials. |
| 9.8 | 2023-04-26 | CVE-2023-30211 | cve | OURPHP |
| 9.8 | 2023-04-26 | CVE-2023-24796 | cve | Password vulnerability found in Vinga WR-AC1200 81.102.1.4370 and before allows a remote attacker to execute arbitrary code via the password parameter at the /goform/sysTools an... |
| 9.8 | 2023-04-26 | CVE-2012-5872 | cve | ARC (aka ARC2) through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2_StoreSelectQueryHandler.php via comments in a SPARQL WHERE clause. |
| 9.8 | 2023-04-26 | CVE-2023-27843 | cve | SQL injection vulnerability found in PrestaShop askforaquote v.5.4.2 and before allow a remote attacker to gain privileges via the QuotesProduct::deleteProduct component. |
| 9.8 | 2023-04-26 | CVE-2023-30404 | cve | Aigital Wireless-N Repeater Mini_Router v0.131229 was discovered to contain a remote code execution (RCE) vulnerability via the sysCmd parameter in the formSysCmd function. This... |
| 9.1 | 2023-04-25 | CVE-2021-44547 | cve | A sandboxing issue in Odoo Community 15.0 and Odoo Enterprise 15.0 allows authenticated administrators to executed arbitrary code, leading to privilege escalation. |
| 9.9 | 2023-04-25 | CVE-2023-30838 | cve | PrestaShop is an Open Source e-commerce web application. Prior to versions 8.0.4 and 1.7.8.9, the `ValidateCore::isCleanHTML()` method of Prestashop misses hijackable events whi... |
| 9.8 | 2023-04-25 | CVE-2023-27105 | cve | A vulnerability in the Wi-Fi file transfer module of Shanling M5S Portable Music Player with Shanling MTouch OS v4.3 and Shanling M2X Portable Music Player with Shanling MTouch ... |
| 9.8 | 2023-04-25 | CVE-2023-25313 | cve | OS injection vulnerability in World Wide Broadcast Network AVideo version before 12.4, allows attackers to execute arbitrary code via the video link field to the Embed a video l... |
| 9.8 | 2023-04-25 | CVE-2023-28771 | cve | Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions... |
| 9.8 | 2023-04-24 | CVE-2023-26865 | cve | SQL injection vulnerability found in PrestaShop bdroppy v.2.2.12 and before allowing a remote attacker to gain privileges via the BdroppyCronModuleFrontController::importProduct... |
| 9.8 | 2023-04-24 | CVE-2023-27848 | cve | broccoli-compass v0.2.4 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function. |
| 9.8 | 2023-04-24 | CVE-2023-27849 | cve | rails-routes-to-json v1.0.0 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function. |
| 9.8 | 2023-04-24 | CVE-2023-29566 | cve | huedawn-tesseract 0.3.3 and dawnsparks-node-tesseract 0.4.0 to 0.4.1 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function. |
| 9.8 | 2023-04-24 | CVE-2023-1020 | cve | The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unau... |
| Page(s) : 1 ... 362 363 364 365 366 367 368 369 370 371 [372] 373 374 375 376 377 378 379 380 381 382 ... | Result(s) : 43290 |
