Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 476 477 478 479 480 481 482 483 484 485 [486] 487 488 489 490 491 492 493 494 495 496 ... Result(s) : 43360

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
9.8 2022-11-01 CVE-2022-44542 cve lesspipe before 2.06 allows attackers to execute code via Perl Storable (pst) files, because of deserialized object destructor execution via a key/value pair in a hash.
9.8 2022-11-01 CVE-2022-2572 cve In affected versions of Octopus Server where access is managed by an external authentication provider, it was possible that the API key/keys of a disabled/deleted user were stil...
9.8 2022-11-01 CVE-2022-41552 cve Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Data Center Analytics, Analytics probe components), Hitachi Ops Center Ana...
9.1 2022-10-31 CVE-2022-27583 cve A remote unprivileged attacker can interact with the configuration interface of a Flexi-Compact FLX3-CPUC1 or FLX3-CPUC2 running an affected firmware version to potentially impa...
9.6 2022-10-31 CVE-2022-28763 cve The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL i...
9.8 2022-10-31 CVE-2022-31692 cve Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types. Specifically, an ...
9.8 2022-10-31 CVE-2022-38142 cve Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-Gateway service port without proper verificat...
9.8 2022-10-31 CVE-2022-40202 cve The database backup function in Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior lacks proper authentication. An attacker could provide malicious seriali...
9.1 2022-10-31 CVE-2022-41629 cve Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to access the aprunning endpoint, which could allow an attacker to retrieve ...
9.8 2022-10-31 CVE-2022-41657 cve Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior allow attacker provided data already serialized into memory to be used in file operation application pro...
9.8 2022-10-31 CVE-2022-41772 cve Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior mishandle .ZIP archives containing characters used in path traversal. This path traversal could result i...
9.8 2022-10-31 CVE-2022-41779 cve Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize network packets without proper verification. If the device connects to an attacker-controlle...
9.6 2022-10-31 CVE-2022-40190 cve SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malici...
9 2022-10-31 CVE-2022-40287 cve The application was found to be vulnerable to an authenticated Stored Cross-Site Scripting (XSS) vulnerability in messaging functionality, leading to privilege escalation or a ...
9 2022-10-31 CVE-2022-40288 cve The application was vulnerable to an authenticated Stored Cross-Site Scripting (XSS) in the user profile data fields, which could be leveraged to escalate privileges within and...
9 2022-10-31 CVE-2022-40289 cve The application was vulnerable to an authenticated Stored Cross-Site Scripting (XSS) in the upload and download functionality, which could be leveraged to escalate privileges o...
9.8 2022-10-31 CVE-2022-40293 cve The application was vulnerable to a session fixation that could be used hijack accounts.
9.8 2022-10-31 CVE-2022-40296 cve The application was vulnerable to a Server-Side Request Forgery attacks, allowing the backend server to interact with unexpected endpoints, potentially including internal and l...
9.8 2022-10-31 CVE-2021-40241 cve xfig 3.2.7 is vulnerable to Buffer Overflow.
9.8 2022-10-31 CVE-2022-3254 cve The WordPress Classifieds Plugin WordPress plugin before 4.3 does not properly sanitise and escape some parameters before using them in a SQL statement via an AJAX action availa...
Page(s) : 1 ... 476 477 478 479 480 481 482 483 484 485 [486] 487 488 489 490 491 492 493 494 495 496 ... Result(s) : 43360