| Page(s) : 1 2 3 [4] 5 6 7 8 9 10 11 12 13 14 ... | Result(s) : 182443 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2021-01-26 | CVE-2021-21283 | cve | Flarum is an open source discussion platform for websites. The "Flarum Sticky" extension versions 0.1.0-beta.14 and 0.1.0-beta.15 has a cross-site scripting vulnerability. A cha... |
| N/A | 2021-01-26 | CVE-2021-21278 | cve | RSSHub is an open source, easy to use, and extensible RSS feed generator. In RSSHub before version 7f1c430 (non-semantic versioning) there is a risk of code injection. Some rout... |
| N/A | 2021-01-26 | CVE-2021-21271 | cve | Tendermint Core is an open source Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine - written in any programming language - and securely replicates... |
| N/A | 2021-01-26 | CVE-2021-1071 | cve | NVIDIA Tegra kernel in Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, all L4T versions prior to r32.5, contains a vulnerability in the INA3221 driver i... |
| N/A | 2021-01-26 | CVE-2021-1070 | cve | NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to inst... |
| N/A | 2021-01-26 | CVE-2020-23776 | cve | A SSRF vulnerability exists in Winmail 6.5 in app.php in the key parameter when HTTPS is on. An attacker can use this vulnerability to cause the server to send a request to a sp... |
| N/A | 2021-01-26 | CVE-2020-23774 | cve | A reflected XSS vulnerability exists in tohtml/convert.php of Winmail 6.5, which can cause JavaScript code to be executed. |
| N/A | 2021-01-26 | CVE-2013-2512 | cve | The ftpd gem 0.2.1 for Ruby allows remote attackers to execute arbitrary OS commands via shell metacharacters in a LIST or NLST command argument within FTP protocol traffic. |
| N/A | 2021-01-26 | CVE-2021-3308 | cve | An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the... |
| N/A | 2021-01-26 | CVE-2021-23272 | cve | The Application Development Clients component of TIBCO Software Inc.'s TIBCO BPM Enterprise and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric contains a vulnera... |
| N/A | 2021-01-26 | CVE-2021-22159 | cve | Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.... |
| N/A | 2021-01-26 | CVE-2020-27299 | cve | The affected product is vulnerable to an out-of-bounds read, which may allow an attacker to obtain and disclose sensitive data information or cause the device to crash on the OP... |
| N/A | 2021-01-26 | CVE-2020-27297 | cve | The affected product is vulnerable to a heap-based buffer overflow, which may allow an attacker to manipulate memory with controlled values and remotely execute code on the OPC ... |
| N/A | 2021-01-26 | CVE-2020-27295 | cve | The affected product has uncontrolled resource consumption issues, which may allow an attacker to cause a denial-of-service condition on the OPC UA Tunneller (versions prior to ... |
| N/A | 2021-01-26 | CVE-2020-27274 | cve | Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-serv... |
| N/A | 2021-01-26 | CVE-2020-13582 | cve | A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker... |
| N/A | 2021-01-26 | CVE-2021-3304 | cve | Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow via a long sessionKey to the goform/login URI. |
| N/A | 2021-01-26 | CVE-2021-3297 | cve | On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator access. |
| N/A | 2021-01-26 | CVE-2021-3291 | cve | Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command. |
| N/A | 2021-01-26 | CVE-2021-3286 | cve | SQL injection exists in Spotweb 1.4.9 because the notAllowedCommands protection mechanism is inadequate, e.g., a variation of the payload may be used. NOTE: this issue exists be... |
| Page(s) : 1 2 3 [4] 5 6 7 8 9 10 11 12 13 14 ... | Result(s) : 182443 |
