Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 406 407 408 409 410 411 412 413 414 415 [416] 417 418 419 420 421 422 423 424 425 426 ... Result(s) : 43310

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
9.6 2023-02-15 CVE-2020-19825 cve Cross Site Scripting (XSS) vulnerability in kevinpapst kimai2 1.30.0 in /src/Twig/Runtime/MarkdownExtension.php, allows attackers to gain escalated privileges.
9.8 2023-02-15 CVE-2020-21119 cve SQL Injection vulnerability in Kliqqi-CMS 2.0.2 in admin/admin_update_module_widgets.php in recordIDValue parameter, allows attackers to gain escalated privileges and execute ar...
9.8 2023-02-15 CVE-2020-21120 cve SQL Injection vulnerability in file home\controls\cart.class.php in UQCMS 2.1.3, allows attackers execute arbitrary commands via the cookie_cart parameter to /index.php/cart/num.
9.8 2023-02-15 CVE-2021-33304 cve Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragments_reassemble, allows attackers to execute arbi...
9.8 2023-02-15 CVE-2021-33925 cve SQL Injection vulnerability in nitinparashar30 cms-corephp through commit bdabe52ef282846823bda102728a35506d0ec8f9 (May 19, 2021) allows unauthenticated attackers to gain escila...
9.8 2023-02-15 CVE-2023-0849 cve A vulnerability has been found in Netgear WNDR3700v2 1.0.1.14 and classified as critical. This vulnerability affects unknown code of the component Web Interface. The manipulatio...
9.8 2023-02-15 CVE-2023-25156 cve Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. This makes it easier to attempt brute-force attacks against the login pa...
9.8 2023-02-15 CVE-2022-46892 cve In Ampere AltraMax and Ampere Altra before 2.10c, improper access controls allows the OS to reinitialize a disabled root complex.
9.1 2023-02-15 CVE-2023-0102 cve LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication for its deletion command. This could allow an attacker to delete arbitrary files.
9.8 2023-02-15 CVE-2023-22804 cve LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to create users on the PLC. This could allow an attacker to create and use an account with el...
9.8 2023-02-15 CVE-2023-22807 cve LS ELECTRIC XBC-DN32U with operating system version 01.80 does not properly control access to the PLC over its internal XGT protocol. An attacker could control and tamper with ...
9.9 2023-02-15 CVE-2023-25765 cve In Jenkins Email Extension Plugin 2.93 and earlier, templates defined inside a folder were not subject to Script Security protection, allowing attackers able to define email tem...
9.1 2023-02-14 CVE-2023-25725 cve HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in H...
9.8 2023-02-14 CVE-2023-21689 cve Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
9.8 2023-02-14 CVE-2023-21690 cve Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
9.8 2023-02-14 CVE-2023-21692 cve Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
9.8 2023-02-14 CVE-2023-21716 cve Microsoft Word Remote Code Execution Vulnerability
9.8 2023-02-14 CVE-2023-21803 cve Windows iSCSI Discovery Service Remote Code Execution Vulnerability
9.8 2023-02-14 CVE-2023-24159 cve TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the admpass parameter in the setPasswordCfg function.
9.8 2023-02-14 CVE-2023-24160 cve TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the admuser parameter in the setPasswordCfg function.
Page(s) : 1 ... 406 407 408 409 410 411 412 413 414 415 [416] 417 418 419 420 421 422 423 424 425 426 ... Result(s) : 43310