| Page(s) : 1 ... 553 554 555 556 557 558 559 560 561 562 [563] 564 565 566 567 568 569 570 571 572 573 ... | Result(s) : 43428 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2022-06-29 | CVE-2022-32532 | cve | Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with `.` in the regular e... |
| 9.8 | 2022-06-28 | CVE-2022-34132 | cve | Benjamin BALET Jorani v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at application/controllers/Leaves.php. |
| 9.8 | 2022-06-28 | CVE-2022-31885 | cve | Marval MSM v14.19.0.12476 is vulnerable to OS Command Injection due to the insecure handling of VBScripts. |
| 9.8 | 2022-06-28 | CVE-2022-31230 | cve | Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A remote unprivileged malicious attacker could potentially exploit this vulnerabili... |
| 9.8 | 2022-06-28 | CVE-2020-19896 | cve | File inclusion vulnerability in Minicms v1.9 allows remote attackers to execute arbitary PHP code via post-edit.php. |
| 9.8 | 2022-06-28 | CVE-2022-31887 | cve | Marval MSM v14.19.0.12476 has a 0-Click Account Takeover vulnerability which allows an attacker to change any user's password in the organization, this means that the user ... |
| 9.8 | 2022-06-28 | CVE-2022-31056 | cve | GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions all assistance ... |
| 9.8 | 2022-06-28 | CVE-2022-31061 | cve | GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions there is a SQL ... |
| 9.8 | 2022-06-28 | CVE-2022-31106 | cve | Underscore.deep is a collection of Underscore mixins that operate on nested objects. Versions of `underscore.deep` prior to version 0.5.3 are vulnerable to a prototype pollution... |
| 9.1 | 2022-06-27 | CVE-2022-1953 | cve | The Product Configurator for WooCommerce WordPress plugin before 1.2.32 suffers from an arbitrary file deletion vulnerability via an AJAX action, accessible to unauthenticated u... |
| 9.8 | 2022-06-27 | CVE-2022-1574 | cve | The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks when importing files, and does not validate them, as a result, unauthenticated attackers c... |
| 9.8 | 2022-06-27 | CVE-2022-2216 | cve | Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 7.0.0. |
| 9 | 2022-06-27 | CVE-2022-2140 | cve | Elcomplus SmartICS v2.3.4.0 does not neutralize user-controllable input, which allows an authenticated user to inject arbitrary code into specific parameters. |
| 9.8 | 2022-06-27 | CVE-2022-31082 | cve | GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. glpi-inventory-plugin is a plugin fo... |
| 9.8 | 2022-06-27 | CVE-2017-20099 | cve | A vulnerability was found in Analytics Stats Counter Statistics Plugin 1.2.2.5 and classified as critical. This issue affects some unknown processing. The manipulation leads to ... |
| 9.8 | 2022-06-27 | CVE-2022-28171 | cve | The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit th... |
| 9.8 | 2022-06-27 | CVE-2022-32995 | cve | Halo CMS v1.5.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the template remote download function. |
| 9.8 | 2022-06-27 | CVE-2022-32994 | cve | Halo CMS v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the component /api/admin/attachments/upload. |
| 9.8 | 2022-06-27 | CVE-2022-32092 | cve | D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter at __ajax_explorer.sgi. |
| 9.1 | 2022-06-25 | CVE-2022-33128 | cve | RG-EG series gateway EG350 EG_RGOS 11.1(6) was discovered to contain a SQL injection vulnerability via the function get_alarmAction at /alarm_pi/alarmService.php. |
| Page(s) : 1 ... 553 554 555 556 557 558 559 560 561 562 [563] 564 565 566 567 568 569 570 571 572 573 ... | Result(s) : 43428 |
