Page(s) : 1 ... 549 550 551 552 553 554 555 556 557 558 [559] 560 561 562 563 564 565 566 567 568 569 ... | Result(s) : 43428 |
Alerts
SCORE | DATE | NAME | CATEGORIES | DETAIL |
---|---|---|---|---|
9.3 | 2022-07-11 | CVE-2022-31587 | cve | The yuriyouzhou/KG-fashion-chatbot repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. |
9.3 | 2022-07-11 | CVE-2022-31588 | cve | The zippies/testplatform repository through 2016-07-19 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. |
9.8 | 2022-07-11 | CVE-2022-32294 | cve | Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-login randomly created password (from the "zmprove ca" command). It is visible in cleartext on port UDP 514 ... |
9.8 | 2022-07-08 | CVE-2022-1245 | cve | A privilege escalation flaw was found in the token exchange feature of keycloak. Missing authorization allows a client application holding a valid access token to exchange token... |
9.8 | 2022-07-08 | CVE-2022-28623 | cve | Security vulnerabilities in HPE IceWall SSO 10.0 certd could be exploited remotely to allow SQL injection or unauthorized data injection. HPE has provided the following updated ... |
9.8 | 2022-07-08 | CVE-2022-31137 | cve | Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 6.1.1.0 are subject to a remote code execution vulnerability. System com... |
9.8 | 2022-07-08 | CVE-2022-34914 | cve | Webswing before 22.1.3 allows X-Forwarded-For header injection. The client IP address is associated with a variable in the configuration page. The {clientIp} variable can be use... |
9.8 | 2022-07-08 | CVE-2022-35411 | cve | rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the "serializer: pickle" HTTP header is sent. In other words, although JSON (not Pickle) is the... |
9.8 | 2022-07-07 | CVE-2022-32207 | cve | When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the fina... |
9.8 | 2022-07-07 | CVE-2022-25046 | cve | A path traversal vulnerability in loader.php of CWP v0.9.8.1122 allows attackers to execute arbitrary code via a crafted POST request. |
9.1 | 2022-07-07 | CVE-2021-46825 | cve | Symantec Advanced Secure Gateway (ASG) and ProxySG are susceptible to an HTTP desync vulnerability. When a remote unauthenticated attacker and other web clients communicate thro... |
9.8 | 2022-07-07 | CVE-2021-35283 | cve | SQL Injection vulnerability in product_admin.php in atoms183 CMS 1.0, allows attackers to execute arbitrary commands via the Name, Fname, and ID parameters to search.php. |
9.8 | 2022-07-07 | CVE-2021-29281 | cve | File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web UI plugin which is affected by CVE-2014-2217, and CVE... |
9.8 | 2022-07-07 | CVE-2022-34592 | cve | Wavlink WL-WN575A3 RPT75A3.V4300.201217 was discovered to contain a command injection vulnerability via the function obtw. This vulnerability allows attackers to execute arbitra... |
9.8 | 2022-07-07 | CVE-2022-32449 | cve | TOTOLINK EX300_V2 V4.0.3c.7484 was discovered to contain a command injection vulnerability via the langType parameter in the setLanguageCfg function. This vulnerability is explo... |
9.8 | 2022-07-07 | CVE-2022-32056 | cve | Online Accreditation Management v1.0 was discovered to contain a SQL injection vulnerability via the USERNAME parameter at process.php. |
9.8 | 2022-07-07 | CVE-2022-32054 | cve | Tenda AC10 US_AC10V1.0RTL_V15.03.06.26_multi_TD01 was discovered to contain a remote code execution (RCE) vulnerability via the lanIp parameter. |
9.8 | 2022-07-07 | CVE-2022-33936 | cve | Cloud Mobility for Dell EMC Storage, 1.3.0.XXX contains a RCE vulnerability. A non-privileged user could potentially exploit this vulnerability, leading to achieving a root shel... |
9.8 | 2022-07-06 | CVE-2022-31126 | cve | Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a remote, unauthenticated attacker to code ... |
9.8 | 2022-07-06 | CVE-2022-33980 | cve | Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:na... |