| Page(s) : 1 ... 444 445 446 447 448 449 450 451 452 453 [454] 455 456 457 458 459 460 461 462 463 464 ... | Result(s) : 43317 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2022-12-27 | CVE-2022-4725 | cve | A vulnerability was found in AWS SDK 2.59.0. It has been rated as critical. This issue affects the function XpathUtils of the file aws-android-sdk-core/src/main/java/com/amazona... |
| 9.8 | 2022-12-27 | CVE-2022-4726 | cve | A vulnerability classified as critical was found in SourceCodester Sanitization Management System 1.0. Affected by this vulnerability is an unknown functionality of the componen... |
| 9.8 | 2022-12-27 | CVE-2022-4748 | cve | A vulnerability was found in FlatPress. It has been classified as critical. This affects the function doItemActions of the file fp-plugins/mediamanager/panels/panel.mediamanager... |
| 9.8 | 2022-12-27 | CVE-2022-46764 | cve | A SQL injection issue in the web API in TrueConf Server 5.2.0.10225 allows remote unauthenticated attackers to execute arbitrary SQL commands, ultimately leading to remote code ... |
| 9.8 | 2022-12-26 | CVE-2020-11101 | cve | Sierra Wireless AirLink Mobility Manager (AMM) before 2.17 mishandles sessions and thus an unauthenticated attacker can obtain a login session with administrator privileges. |
| 9.8 | 2022-12-26 | CVE-2021-4281 | cve | A vulnerability was found in Brave UX for-the-badge and classified as critical. Affected by this issue is some unknown functionality of the file .github/workflows/combine-prs.ym... |
| 9.8 | 2022-12-26 | CVE-2019-11851 | cve | The ACENet service in Sierra Wireless ALEOS before 4.4.9, 4.5.x through 4.9.x before 4.9.5, and 4.10.x through 4.13.x before 4.14.0 allows remote attackers to execute arbitrary ... |
| 9.8 | 2022-12-26 | CVE-2020-24600 | cve | Shilpi CAPExWeb 1.1 allows SQL injection via a servlet/capexweb.cap_sendMail GET request. |
| 9.8 | 2022-12-26 | CVE-2022-4047 | cve | The Return Refund and Exchange For WooCommerce WordPress plugin before 4.0.9 does not validate attachment files to be uploaded via an AJAX action available to unauthenticated us... |
| 9.8 | 2022-12-26 | CVE-2022-4117 | cve | The IWS WordPress plugin through 1.0 does not properly escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an... |
| 9.8 | 2022-12-26 | CVE-2022-4120 | cve | The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin before 2022.6 passes base64 encoded user input to the unserialize() PHP function when CAPTCHA are... |
| 9.8 | 2022-12-26 | CVE-2022-4742 | cve | A vulnerability, which was classified as critical, has been found in json-pointer up to 0.6.1. Affected by this issue is the function set of the file index.js. The manipulation ... |
| 9.8 | 2022-12-26 | CVE-2022-26969 | cve | In Directus before 9.7.0, the default settings of CORS_ORIGIN and CORS_ENABLED are true. |
| 9.8 | 2022-12-26 | CVE-2021-45466 | cve | In CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1107, attackers can make a crafted request to api/?api=add_server&DHCP= to add an authorized_keys text file in th... |
| 9.8 | 2022-12-26 | CVE-2021-45467 | cve | In CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1107, an unauthenticated attacker can use %00 bytes to cause /user/loader.php to register an arbitrary API key, a... |
| 9.8 | 2022-12-26 | CVE-2022-24116 | cve | Certain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and iNET II before 8.3.0. |
| 9.8 | 2022-12-26 | CVE-2022-24117 | cve | Certain General Electric Renewable Energy products download firmware without an integrity check. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.1... |
| 9.1 | 2022-12-26 | CVE-2022-24118 | cve | Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before... |
| 9.8 | 2022-12-26 | CVE-2022-24119 | cve | Certain General Electric Renewable Energy products have a hidden feature for unauthenticated remote access to the device configuration shell. This affects iNET and iNET II befor... |
| 9.8 | 2022-12-25 | CVE-2020-36630 | cve | A vulnerability was found in FreePBX cdr 14.0. It has been classified as critical. This affects the function ajaxHandler of the file ucp/Cdr.class.php. The manipulation of the a... |
| Page(s) : 1 ... 444 445 446 447 448 449 450 451 452 453 [454] 455 456 457 458 459 460 461 462 463 464 ... | Result(s) : 43317 |
