| Page(s) : 1 ... 476 477 478 479 480 481 482 483 484 485 [486] 487 488 489 490 491 492 493 494 495 496 ... | Result(s) : 43360 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2022-11-01 | CVE-2022-44542 | cve | lesspipe before 2.06 allows attackers to execute code via Perl Storable (pst) files, because of deserialized object destructor execution via a key/value pair in a hash. |
| 9.8 | 2022-11-01 | CVE-2022-2572 | cve | In affected versions of Octopus Server where access is managed by an external authentication provider, it was possible that the API key/keys of a disabled/deleted user were stil... |
| 9.8 | 2022-11-01 | CVE-2022-41552 | cve | Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Data Center Analytics, Analytics probe components), Hitachi Ops Center Ana... |
| 9.1 | 2022-10-31 | CVE-2022-27583 | cve | A remote unprivileged attacker can interact with the configuration interface of a Flexi-Compact FLX3-CPUC1 or FLX3-CPUC2 running an affected firmware version to potentially impa... |
| 9.6 | 2022-10-31 | CVE-2022-28763 | cve | The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL i... |
| 9.8 | 2022-10-31 | CVE-2022-31692 | cve | Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types. Specifically, an ... |
| 9.8 | 2022-10-31 | CVE-2022-38142 | cve | Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-Gateway service port without proper verificat... |
| 9.8 | 2022-10-31 | CVE-2022-40202 | cve | The database backup function in Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior lacks proper authentication. An attacker could provide malicious seriali... |
| 9.1 | 2022-10-31 | CVE-2022-41629 | cve | Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated users to access the aprunning endpoint, which could allow an attacker to retrieve ... |
| 9.8 | 2022-10-31 | CVE-2022-41657 | cve | Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior allow attacker provided data already serialized into memory to be used in file operation application pro... |
| 9.8 | 2022-10-31 | CVE-2022-41772 | cve | Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior mishandle .ZIP archives containing characters used in path traversal. This path traversal could result i... |
| 9.8 | 2022-10-31 | CVE-2022-41779 | cve | Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize network packets without proper verification. If the device connects to an attacker-controlle... |
| 9.6 | 2022-10-31 | CVE-2022-40190 | cve | SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malici... |
| 9 | 2022-10-31 | CVE-2022-40287 | cve | The application was found to be vulnerable to an authenticated Stored Cross-Site Scripting (XSS) vulnerability in messaging functionality, leading to privilege escalation or a ... |
| 9 | 2022-10-31 | CVE-2022-40288 | cve | The application was vulnerable to an authenticated Stored Cross-Site Scripting (XSS) in the user profile data fields, which could be leveraged to escalate privileges within and... |
| 9 | 2022-10-31 | CVE-2022-40289 | cve | The application was vulnerable to an authenticated Stored Cross-Site Scripting (XSS) in the upload and download functionality, which could be leveraged to escalate privileges o... |
| 9.8 | 2022-10-31 | CVE-2022-40293 | cve | The application was vulnerable to a session fixation that could be used hijack accounts. |
| 9.8 | 2022-10-31 | CVE-2022-40296 | cve | The application was vulnerable to a Server-Side Request Forgery attacks, allowing the backend server to interact with unexpected endpoints, potentially including internal and l... |
| 9.8 | 2022-10-31 | CVE-2021-40241 | cve | xfig 3.2.7 is vulnerable to Buffer Overflow. |
| 9.8 | 2022-10-31 | CVE-2022-3254 | cve | The WordPress Classifieds Plugin WordPress plugin before 4.3 does not properly sanitise and escape some parameters before using them in a SQL statement via an AJAX action availa... |
| Page(s) : 1 ... 476 477 478 479 480 481 482 483 484 485 [486] 487 488 489 490 491 492 493 494 495 496 ... | Result(s) : 43360 |
