| Page(s) : 1 ... 518 519 520 521 522 523 524 525 526 527 [528] 529 530 531 532 533 534 535 536 537 538 ... | Result(s) : 43383 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2022-08-22 | CVE-2022-37134 | cve | D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/form2Wan.cgi. When wantype is 3, l2tp_usrname will be decrypted by base64, and the result will be s... |
| 9.8 | 2022-08-22 | CVE-2022-35150 | cve | Baijicms v4 was discovered to contain an arbitrary file upload vulnerability. |
| 9.8 | 2022-08-22 | CVE-2022-35583 | cve | wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to get initial access into the target's system by injecting iframe tag with initial asset IP address on it... |
| 9.8 | 2022-08-22 | CVE-2022-2927 | cve | Weak Password Requirements in GitHub repository notrinos/notrinoserp prior to 0.7. |
| 9.8 | 2022-08-22 | CVE-2022-36198 | cve | Multiple SQL injections detected in Bus Pass Management System 1.0 via buspassms/admin/view-enquiry.php, buspassms/admin/pass-bwdates-reports-details.php, buspassms/admin/change... |
| 9.8 | 2022-08-21 | CVE-2022-34916 | cve | Apache Flume versions 1.4.0 through 1.10.0 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an... |
| 9.8 | 2022-08-20 | CVE-2022-36030 | cve | Project-nexus is a general-purpose blog website framework. Affected versions are subject to SQL injection due to a lack of sensitization of user input. This issue has not yet be... |
| 9.8 | 2022-08-19 | CVE-2022-36220 | cve | Kiosk breakout (without quit password) in Safe Exam Browser (Windows) |
| 9.8 | 2022-08-19 | CVE-2022-29805 | cve | A Java Deserialization vulnerability in the Fishbowl Server in Fishbowl Inventory before 2022.4.1 allows remote attackers to execute arbitrary code via a crafted XML payload. |
| 9.8 | 2022-08-19 | CVE-2022-36578 | cve | jizhicms v2.3.1 has SQL injection in the background. |
| 9.8 | 2022-08-19 | CVE-2022-36606 | cve | Ywoa before v6.1 was discovered to contain a SQL injection vulnerability via /oa/setup/checkPool?database. |
| 9.8 | 2022-08-19 | CVE-2022-36605 | cve | Yimioa v6.1 was discovered to contain a SQL injection vulnerability via the orderbyGET parameter. |
| 9.8 | 2022-08-19 | CVE-2022-35201 | cve | Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability. |
| 9.8 | 2022-08-19 | CVE-2022-34615 | cve | Mealie 1.0.0beta3 employs weak password requirements which allows attackers to potentially gain unauthorized access to the application via brute-force attacks. |
| 9.8 | 2022-08-19 | CVE-2022-37175 | cve | Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet. |
| 9.8 | 2022-08-19 | CVE-2022-23459 | cve | Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx use of the Value class may lead to memory corruption via a double free or via... |
| 9.1 | 2022-08-19 | CVE-2022-22489 | cve | IBM MQ 8.0, (9.0, 9.1, 9.2 LTS), and (9.1 and 9.2 CD) are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit t... |
| 9.1 | 2022-08-19 | CVE-2020-27794 | cve | A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected memory locations and potentially causing... |
| 9.8 | 2022-08-18 | CVE-2022-36725 | cve | Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the M_Id parameter at /student/dele.php. |
| 9.8 | 2022-08-18 | CVE-2022-36727 | cve | Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at /staff/delete.php. |
| Page(s) : 1 ... 518 519 520 521 522 523 524 525 526 527 [528] 529 530 531 532 533 534 535 536 537 538 ... | Result(s) : 43383 |
