| Page(s) : 1 ... 538 539 540 541 542 543 544 545 546 547 [548] 549 550 551 552 553 554 555 556 557 558 ... | Result(s) : 43430 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2022-07-25 | CVE-2020-7677 | cve | This affects the package thenify before 3.3.1. The name argument provided to the package can be controlled by users without any sanitization, and this is provided to the eval fu... |
| 9.8 | 2022-07-25 | CVE-2020-28471 | cve | This affects the package properties-reader before 2.2.0. |
| 9.8 | 2022-07-25 | CVE-2020-28462 | cve | This affects all versions of package ion-parser. If an attacker submits a malicious INI file to an application that parses it with parse , they will pollute the prototype on the... |
| 9.8 | 2022-07-25 | CVE-2020-28461 | cve | This affects the package js-ini before 1.3.0. If an attacker submits a malicious INI file to an application that parses it with parse , they will pollute the prototype on the ap... |
| 9.8 | 2022-07-25 | CVE-2020-28447 | cve | This affects all versions of package xopen. The injection point is located in line 14 in index.js in the exported function xopen(filepath) |
| 9.8 | 2022-07-25 | CVE-2020-28446 | cve | The package ntesseract before 0.2.9 are vulnerable to Command Injection via lib/tesseract.js. |
| 9.8 | 2022-07-25 | CVE-2020-28443 | cve | This affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js. |
| 9.8 | 2022-07-25 | CVE-2020-28445 | cve | This affects all versions of package npm-help. The injection point is located in line 13 in index.js file in export.latestVersion() function. |
| 9.8 | 2022-07-25 | CVE-2022-34577 | cve | A vulnerability in adm.cgi of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request. |
| 9.8 | 2022-07-25 | CVE-2022-35869 | cve | This vulnerability allows remote attackers to bypass authentication on affected installations of Inductive Automation Ignition 8.1.15 (b2022030114). Authentication is not requir... |
| 9 | 2022-07-25 | CVE-2022-35131 | cve | Joplin v2.8.8 allows attackers to execute arbitrary commands via a crafted payload injected into the Node titles. |
| 9.8 | 2022-07-25 | CVE-2020-28436 | cve | This affects all versions of package google-cloudstorage-commands. |
| 9.8 | 2022-07-25 | CVE-2020-28435 | cve | This affects all versions of package ffmpeg-sdk. The injection point is located in line 9 in index.js. |
| 9.8 | 2022-07-25 | CVE-2020-28438 | cve | This affects all versions of package deferred-exec. The injection point is located in line 42 in lib/deferred-exec.js |
| 9.8 | 2022-07-25 | CVE-2020-28441 | cve | This affects the package conf-cfg-ini before 1.2.2. If an attacker submits a malicious INI file to an application that parses it with decode, they will pollute the prototype on ... |
| 9.8 | 2022-07-23 | CVE-2016-15004 | cve | A vulnerability was found in InfiniteWP Client Plugin 1.5.1.3/1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulati... |
| 9.8 | 2022-07-22 | CVE-2022-34500 | cve | The bin-collect package in PyPI before v0.1 included a code execution backdoor inserted by a third party. |
| 9.8 | 2022-07-22 | CVE-2022-34509 | cve | The wikifaces package in PyPI v1.0 included a code execution backdoor inserted by a third party. |
| 9.8 | 2022-07-22 | CVE-2022-34501 | cve | The bin-collection package in PyPI before v0.1 included a code execution backdoor inserted by a third party. |
| 9.8 | 2022-07-22 | CVE-2022-25759 | cve | The package convert-svg-core before 0.6.2 are vulnerable to Remote Code Injection via sending an SVG file containing the payload. |
| Page(s) : 1 ... 538 539 540 541 542 543 544 545 546 547 [548] 549 550 551 552 553 554 555 556 557 558 ... | Result(s) : 43430 |
