| Page(s) : 1 ... 504 505 506 507 508 509 510 511 512 513 [514] 515 516 517 518 519 520 521 522 523 524 ... | Result(s) : 43379 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2022-09-13 | CVE-2022-20388 | cve | Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238227323 |
| 9.8 | 2022-09-13 | CVE-2022-38637 | cve | Hospital Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the Username and Password parameters on the Login page. |
| 9.8 | 2022-09-13 | CVE-2022-20387 | cve | Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238227324 |
| 9.8 | 2022-09-13 | CVE-2022-20391 | cve | Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238257000 |
| 9.8 | 2022-09-13 | CVE-2022-20386 | cve | Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238227328 |
| 9.8 | 2022-09-13 | CVE-2022-20390 | cve | Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238257002 |
| 9.8 | 2022-09-13 | CVE-2022-20385 | cve | a function called 'nla_parse', do not check the len of para, it will check nla_type (which can be controlled by userspace) with 'maxtype' (in this case, it i... |
| 9.8 | 2022-09-13 | CVE-2022-38541 | cve | Archery v1.8.3 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_time and stop_time parameters in the my2sql interface. |
| 9.8 | 2022-09-13 | CVE-2022-38771 | cve | The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to send SCRIPT tags as injected input to the API request. |
| 9.8 | 2022-09-13 | CVE-2021-0942 | cve | The path in this case is a little bit convoluted. The end result is that via an ioctl an untrusted app can control the ui32PageIndex offset in the expression:sPA.uiAddr = page_t... |
| 9.8 | 2022-09-13 | CVE-2022-38768 | cve | The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to bypass authorization. |
| 9.9 | 2022-09-13 | CVE-2022-39206 | cve | Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. When using Docker-based job executors, the Docker socket (e.g. /var/run/docker.sock on Linux) is mounted ... |
| 9.8 | 2022-09-13 | CVE-2022-35413 | cve | WAPPLES through 6.0 has a hardcoded systemi account. A threat actor could use this account to access the system configuration and confidential information (such as SSL keys) via... |
| 9.8 | 2022-09-13 | CVE-2022-39205 | cve | Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. In versions of Onedev prior to 7.3.0 unauthenticated users can take over a OneDev instance if there is no... |
| 9.8 | 2022-09-12 | CVE-2022-37300 | cve | A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in read and write mode to the controller when commun... |
| 9.8 | 2022-09-12 | CVE-2022-38296 | cve | Cuppa CMS v1.0 was discovered to contain an arbitrary file upload vulnerability via the File Manager. |
| 9.8 | 2022-09-12 | CVE-2022-37860 | cve | The web configuration interface of the TP-Link M7350 V3 with firmware version 190531 is affected by a pre-authentication command injection vulnerability. |
| 9.8 | 2022-09-12 | CVE-2022-38292 | cve | SLiMS Senayan Library Management System v9.4.2 was discovered to contain multiple Server-Side Request Forgeries via the components /bibliography/marcsru.php and /bibliography/z3... |
| 9.8 | 2022-09-12 | CVE-2022-1700 | cve | Improper Restriction of XML External Entity Reference ('XXE') vulnerability in the Policy Engine of Forcepoint Data Loss Prevention (DLP), which is also leveraged by F... |
| 9.8 | 2022-09-12 | CVE-2022-38297 | cve | UCMS v1.6.0 contains an authentication bypass vulnerability which is exploited via cookie poisoning. |
| Page(s) : 1 ... 504 505 506 507 508 509 510 511 512 513 [514] 515 516 517 518 519 520 521 522 523 524 ... | Result(s) : 43379 |
