| Page(s) : 1 ... 505 506 507 508 509 510 511 512 513 514 [515] 516 517 518 519 520 521 522 523 524 525 ... | Result(s) : 43379 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2022-09-12 | CVE-2022-38296 | cve | Cuppa CMS v1.0 was discovered to contain an arbitrary file upload vulnerability via the File Manager. |
| 9.8 | 2022-09-12 | CVE-2022-38292 | cve | SLiMS Senayan Library Management System v9.4.2 was discovered to contain multiple Server-Side Request Forgeries via the components /bibliography/marcsru.php and /bibliography/z3... |
| 9.8 | 2022-09-11 | CVE-2022-39135 | cve | Apache Calcite 1.22.0 introduced the SQL operators EXISTS_NODE, EXTRACT_XML, XML_TRANSFORM and EXTRACT_VALUE do not restrict XML External Entity references in their configuratio... |
| 9.1 | 2022-09-09 | CVE-2022-36793 | cve | Unauthenticated Plugin Settings Change & Data Deletion vulnerabilities in WP Shop plugin |
| 9.8 | 2022-09-09 | CVE-2022-40305 | cve | A Server-Side Request Forgery issue in Canto Cumulus through 11.1.3 allows attackers to enumerate the internal network, overload network resources, and possibly have unspecified... |
| 9.8 | 2022-09-09 | CVE-2022-25765 | cve | The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized. |
| 9.8 | 2022-09-09 | CVE-2022-36376 | cve | Server-Side Request Forgery (SSRF) vulnerability in Rank Math SEO plugin |
| 9.8 | 2022-09-09 | CVE-2022-2526 | cve | A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c'... |
| 9.1 | 2022-09-09 | CVE-2022-38638 | cve | Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource. |
| 9.8 | 2022-09-09 | CVE-2021-44835 | cve | An issue was discovered in Active Intelligent Visualization 5. The Vdc header is used in a SQL query without being sanitized. This causes SQL injection. |
| 9 | 2022-09-08 | CVE-2022-36094 | cve | XWiki Platform Web Parent POM contains Web resources for the XWiki platform, a generic wiki platform. Starting with version 1.0 and prior to versions 13.10.6 and 14.30-rc-1, it&... |
| 9.8 | 2022-09-08 | CVE-2022-37163 | cve | Bminusl IHateToBudget v1.5.7 employs a weak password policy which allows attackers to potentially gain unauthorized access to the application via brute-force attacks. Additional... |
| 9 | 2022-09-08 | CVE-2022-36096 | cve | The XWiki Platform Index UI is an Index of all pages, attachments, orphans and deleted pages and attachments for XWiki Platform, a generic wiki platform. Prior to versions 13.10... |
| 9.8 | 2022-09-08 | CVE-2022-37164 | cve | Inoda OnTrack v3.4 employs a weak password policy which allows attackers to potentially gain unauthorized access to the application via brute-force attacks. Additionally, user p... |
| 9.8 | 2022-09-08 | CVE-2022-33941 | cve | PowerCMS XMLRPC API provided by Alfasado Inc. contains a command injection vulnerability. Sending a specially crafted message by POST method to PowerCMS XMLRPC API may allow arb... |
| 9.1 | 2022-09-08 | CVE-2022-27593 | cve | An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, This could allow an attacker to modify s... |
| 9.8 | 2022-09-08 | CVE-2022-20923 | cve | A vulnerability in the IPSec VPN Server authentication functionality of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote att... |
| 9 | 2022-09-08 | CVE-2022-36098 | cve | XWiki Platform Mentions UI is a user interface for mentioning users in wiki content for XWiki Platform, a generic wiki platform. Starting in version 12.5-rc-1 and prior to versi... |
| 9.8 | 2022-09-08 | CVE-2022-25914 | cve | The package com.google.cloud.tools:jib-core before 0.22.0 are vulnerable to Remote Code Execution (RCE) via the isDockerInstalled function, due to attempting to execute input. |
| 9.8 | 2022-09-08 | CVE-2022-36085 | cve | Open Policy Agent (OPA) is an open source, general-purpose policy engine. The Rego compiler provides a (deprecated) `WithUnsafeBuiltins` function, which allows users to provide ... |
| Page(s) : 1 ... 505 506 507 508 509 510 511 512 513 514 [515] 516 517 518 519 520 521 522 523 524 525 ... | Result(s) : 43379 |
