| Page(s) : 1 ... 404 405 406 407 408 409 410 411 412 413 [414] 415 416 417 418 419 420 421 422 423 424 ... | Result(s) : 299271 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-04-22 | CVE-2023-44755 | cve | Sacco Management system v1.0 was discovered to contain a SQL injection vulnerability via the password parameter at /sacco/ajax.php. |
| N/A | 2025-04-22 | CVE-2023-44753 | cve | A stored cross-site scripting (XSS) vulnerability fin Student Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected int... |
| N/A | 2025-04-22 | CVE-2023-44752 | cve | An issue in Student Study Center Desk Management System v1.0 allows attackers to bypass authentication via a crafted GET request to /php-sscdms/admin/login.php. |
| N/A | 2025-04-22 | CVE-2023-43958 | cve | An arbitrary file upload vulnerability in the component /jquery-file-upload/server/php/index.php of Hospital Management System v4.0 allows an unauthenticated attacker to upload ... |
| N/A | 2025-04-22 | CVE-2023-43378 | cve | A cross-site scripting (XSS) vulnerability in Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the commento1_1 par... |
| 10 | 2025-04-22 | CVE-2025-34028 | cve | The Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files that represent install packages that, when expanded by the target server, are... |
| 9.8 | 2025-04-21 | CVE-2025-43973 | cve | An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds to a situation in which all bytes are available for an RT... |
| 7.5 | 2025-04-21 | CVE-2025-43972 | cve | An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context. |
| 7.5 | 2025-04-21 | CVE-2025-43971 | cve | An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen. |
| 5.3 | 2025-04-21 | CVE-2025-43970 | cve | An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending ... |
| 7.5 | 2025-04-21 | CVE-2025-43967 | cve | libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can reference a nonexistent image item. |
| 7.5 | 2025-04-21 | CVE-2025-43966 | cve | libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc. |
| 9.8 | 2025-04-21 | CVE-2025-43964 | cve | In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values. |
| 9.1 | 2025-04-21 | CVE-2025-43963 | cve | In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values are not checked in 0x041f tag processing. |
| 9.1 | 2025-04-21 | CVE-2025-43962 | cve | In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult c... |
| 9.1 | 2025-04-21 | CVE-2025-43961 | cve | In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser. |
| N/A | 2025-04-21 | CVE-2025-43922 | cve | The FileWave Windows client before 16.0.0, in some non-default configurations, allows an unprivileged local user to escalate privileges to SYSTEM. |
| N/A | 2025-04-21 | CVE-2025-43916 | cve | Sonos api.sonos.com through 2025-04-21, when the /login/v3/oauth endpoint is used, accepts a redirect_uri containing userinfo in the authority component, which is not consistent... |
| N/A | 2025-04-21 | CVE-2025-3857 | cve | When reading binary Ion data through Amazon.IonDotnet using the RawBinaryReader class, Amazon.IonDotnet does not check the number of bytes read from the underlying stream while ... |
| 7.3 | 2025-04-21 | CVE-2025-3847 | cve | A vulnerability classified as critical has been found in markparticle WebServer up to 1.0. This affects an unknown part of the file code/http/httprequest.cpp of the component Lo... |
| Page(s) : 1 ... 404 405 406 407 408 409 410 411 412 413 [414] 415 416 417 418 419 420 421 422 423 424 ... | Result(s) : 299271 |
