Page(s) : 1 2 3 4 [5] 6 7 8 9 10 11 12 13 14 15 ... | Result(s) : 272270 |
Alerts
DATE | NAME | CATEGORIES | DETAIL | |
---|---|---|---|---|
N/A | 2024-04-26 | CVE-2024-32404 | cve | Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1, allows remote attackers to execute arbitrary code via a crafted payload to the Markup Sand... |
N/A | 2024-04-26 | CVE-2024-32406 | cve | Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue... |
N/A | 2024-04-26 | CVE-2024-3154 | cve | A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an arbitrary annotation may perform an ar... |
N/A | 2024-04-25 | CVE-2024-31609 | cve | Cross Site Scripting (XSS) vulnerability in BOSSCMS v3.10 allows attackers to run arbitrary code via the header code and footer code fields in code configuration. |
N/A | 2024-04-25 | CVE-2024-31610 | cve | File Upload vulnerability in the function for employees to upload avatars in Code-Projects Simple School Management System v1.0 allows attackers to run arbitrary code via upload... |
N/A | 2024-04-25 | CVE-2024-3265 | cve | The Advanced Search WordPress plugin through 1.1.6 does not properly escape parameters appended to an SQL query, making it possible for users with the administrator role to cond... |
N/A | 2024-04-25 | CVE-2024-0916 | cve | Unauthenticated file upload allows remote code execution. This issue affects UvDesk Community: from 1.0.0 through 1.1.3. |
N/A | 2024-04-25 | CVE-2024-2905 | cve | A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises fro... |
N/A | 2024-04-25 | CVE-2024-32645 | cve | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, incorrect values can be logged when `raw_log` builtin is called with ... |
N/A | 2024-04-25 | CVE-2024-32646 | cve | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the `slice` builtin can result in a double eval vulnerability w... |
N/A | 2024-04-25 | CVE-2024-32647 | cve | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the `create_from_blueprint` builtin can result in a double eval... |
N/A | 2024-04-25 | CVE-2024-32648 | cve | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Prior to version 0.3.0, default functions don't respect nonreentrancy keys and the lock isn... |
N/A | 2024-04-25 | CVE-2024-32649 | cve | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the `sqrt` builtin can result in double eval vulnerability when... |
N/A | 2024-04-25 | CVE-2024-3508 | cve | A flaw was found in Bombastic, which allows authenticated users to upload compressed (bzip2 or zstd) SBOMs. The API endpoint verifies the presence of some fields and values in t... |
N/A | 2024-04-25 | CVE-2024-3622 | cve | A flaw was found when using mirror-registry to install Quay. It uses a default secret, which is stored in plain-text format in one of the configuration template files. This issu... |
N/A | 2024-04-25 | CVE-2024-3623 | cve | A flaw was found when using mirror-registry to install Quay. It uses a default database secret key, which is stored in plain-text format in one of the configuration template fil... |
N/A | 2024-04-25 | CVE-2024-3624 | cve | A flaw was found in how Quay's database is stored in plain-text in mirror-registry on the jinja's config.yaml file. This flaw allows a malicious actor with access to t... |
N/A | 2024-04-25 | CVE-2024-3625 | cve | A flaw was found in Quay, where Quay's database is stored in plain text in mirror-registry on Jinja's config.yaml file. This issue leaves the possibility of a maliciou... |
N/A | 2024-04-25 | CVE-2024-30939 | cve | An issue discovered in Yealink VP59 Teams Editions with firmware version 91.15.0.118 allows a physically proximate attacker to gain control of an account via a flaw in the facto... |
N/A | 2024-04-25 | CVE-2024-31615 | cve | ThinkCMF 6.0.9 is vulnerable to File upload via UeditorController.php. |
Page(s) : 1 2 3 4 [5] 6 7 8 9 10 11 12 13 14 15 ... | Result(s) : 272270 |