| Page(s) : 1 ... 509 510 511 512 513 514 515 516 517 518 [519] 520 521 522 523 524 525 526 527 528 529 ... | Result(s) : 43382 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2022-09-02 | CVE-2022-36759 | cve | Online Food Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the component /dishes.php?res_id=. |
| 9.8 | 2022-09-02 | CVE-2020-22669 | cve | Modsecurity owasp-modsecurity-crs 3.2.0 (Paranoia level at PL1) has a SQL injection bypass vulnerability. Attackers can use the comment characters and variable assignments in th... |
| 9.8 | 2022-09-02 | CVE-2022-22096 | cve | Memory corruption in Bluetooth HOST due to stack-based buffer overflow when when extracting data using command length parameter in Snapdragon Connectivity, Snapdragon Mobile |
| 9.8 | 2022-09-02 | CVE-2022-25658 | cve | Memory corruption due to incorrect pointer arithmetic when attempting to change the endianness in video parser function in Snapdragon Auto, Snapdragon Compute, Snapdragon Connec... |
| 9.8 | 2022-09-02 | CVE-2022-36642 | cve | A local file disclosure vulnerability in /appConfig/userDB.json of Telos Alliance Omnia MPX Node through 1.0.0-1.4.9 allows attackers to access users credentials which makes him... |
| 9.8 | 2022-09-02 | CVE-2022-36640 | cve | influxData influxDB before v1.8.10 contains no authentication mechanism or controls, allowing unauthenticated attackers to execute arbitrary commands. NOTE: the CVE ID assignmen... |
| 9.1 | 2022-09-02 | CVE-2022-22062 | cve | An out-of-bounds read can occur while parsing a server certificate due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consu... |
| 9.8 | 2022-09-02 | CVE-2022-25657 | cve | Memory corruption due to buffer overflow occurs while processing invalid MKV clip which has invalid seek header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, ... |
| 9.8 | 2022-09-02 | CVE-2022-34371 | cve | Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability. A malicious un... |
| 9.8 | 2022-09-01 | CVE-2020-35527 | cve | In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause. |
| 9.9 | 2022-09-01 | CVE-2022-36130 | cve | HashiCorp Boundary up to 0.10.1 did not properly perform data integrity checks to ensure the resources were associated with the correct scopes, allowing potential privilege esca... |
| 9.8 | 2022-09-01 | CVE-2022-34379 | cve | Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability. A remote attacker, with the knowledge of the active directory usernames, could po... |
| 9.8 | 2022-09-01 | CVE-2022-36601 | cve | The Eclipse TCF debug interface in JasMiner-X4-Server-20220621-090907 and below is open on port 1534. This issue allows unauthenticated attackers to gain root privileges on the ... |
| 9.1 | 2022-09-01 | CVE-2022-34372 | cve | Dell PowerProtect Cyber Recovery versions before 19.11.0.2 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially access and interact ... |
| 9.8 | 2022-09-01 | CVE-2022-36672 | cve | Novel-Plus v3.6.2 was discovered to contain a hard-coded JWT key located in the project config file. This vulnerability allows attackers to create a custom user session. |
| 9.8 | 2022-08-31 | CVE-2022-37128 | cve | In D-Link DIR-816 A2_v1.10CNB04.img the network can be initialized without authentication via /goform/wizard_end. |
| 9.8 | 2022-08-31 | CVE-2022-37130 | cve | In D-Link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img a command injection vulnerability occurs in /goform/Diagnosis, after the condition is met, setnum will be spliced ... |
| 9.8 | 2022-08-31 | CVE-2022-36201 | cve | Doctor’s Appointment System v1.0 is vulnerable to Blind SQLi via settings.php. |
| 9.8 | 2022-08-31 | CVE-2022-36566 | cve | Rengine v1.3.0 was discovered to contain a command injection vulnerability via the scan engine function. |
| 9.8 | 2022-08-31 | CVE-2022-37125 | cve | D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/NTPSyncWithHost. |
| Page(s) : 1 ... 509 510 511 512 513 514 515 516 517 518 [519] 520 521 522 523 524 525 526 527 528 529 ... | Result(s) : 43382 |
