| Page(s) : 1 ... 554 555 556 557 558 559 560 561 562 563 [564] 565 566 567 568 569 570 571 572 573 574 ... | Result(s) : 43428 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2022-06-24 | CVE-2022-34054 | cve | The Perdido package in PyPI v0.0.1 to v0.0.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive... |
| 9.1 | 2022-06-24 | CVE-2022-30117 | cve | Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 allow traversal in /index.php/ccm/system/file/upload which could result in an Arbitrary File Delete exploit. This ... |
| 9.8 | 2022-06-24 | CVE-2022-34055 | cve | The drxhello package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user inf... |
| 9.8 | 2022-06-24 | CVE-2022-34056 | cve | The Watertools package in PyPI v0.0.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user i... |
| 9.8 | 2022-06-24 | CVE-2022-34057 | cve | The Scoptrial package in PyPI version v0.0.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive... |
| 9.8 | 2022-06-24 | CVE-2022-34059 | cve | The Sixfab-Tool in PyPI v0.0.2 to v0.0.3 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive use... |
| 9.8 | 2022-06-24 | CVE-2022-34060 | cve | The Togglee package in PyPI version v0.0.8 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digi... |
| 9.8 | 2022-06-24 | CVE-2022-34061 | cve | The Catly-Translate package in PyPI v0.0.3 to v0.0.5 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user informatio... |
| 9.8 | 2022-06-24 | CVE-2022-34064 | cve | The Zibal package in PyPI v1.0.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital curren... |
| 9.8 | 2022-06-24 | CVE-2022-34065 | cve | The Rondolu-YT-Concate package in PyPI v0.1.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and d... |
| 9.8 | 2022-06-24 | CVE-2022-34066 | cve | The Texercise package in PyPI v0.0.1 to v0.0.12 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and... |
| 9.8 | 2022-06-24 | CVE-2022-1517 | cve | LRM utilizes elevated privileges. An unauthenticated malicious actor can upload and execute code remotely at the operating system level, which can allow an attacker to change se... |
| 9.8 | 2022-06-24 | CVE-2022-28620 | cve | A remote authentication bypass vulnerability was discovered in HPE Cray Legacy Shasta System Solutions; HPE Slingshot; and HPE Cray EX supercomputers versions: Prior to node con... |
| 9.8 | 2022-06-24 | CVE-2022-2120 | cve | OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary dire... |
| 9.8 | 2022-06-24 | CVE-2022-2119 | cve | OFFIS DCMTK's (All versions prior to 3.6.7) service class provider (SCP) is vulnerable to path traversal, allowing an attacker to write DICOM files into arbitrary directori... |
| 9.1 | 2022-06-24 | CVE-2022-2105 | cve | Client-side JavaScript controls may be bypassed to change user credentials and permissions without authentication, including a “root” user level meant only for the vendor. Web s... |
| 9.8 | 2022-06-24 | CVE-2022-2104 | cve | The www-data (Apache web server) account is configured to run sudo with no password for many commands (including /bin/sh and /bin/bash). |
| 9.1 | 2022-06-24 | CVE-2022-2103 | cve | An attacker with weak credentials could access the TCP port via an open FTP port, allowing an attacker to read sensitive files and write to remotely executable directories. |
| 9.8 | 2022-06-24 | CVE-2022-1668 | cve | Weak default root user credentials allow remote attackers to easily obtain OS superuser privileges over the open TCP port for SSH. |
| 9.8 | 2022-06-24 | CVE-2022-1519 | cve | LRM does not restrict the types of files that can be uploaded to the affected product. A malicious actor can upload any file type, including executable code that allows for a re... |
| Page(s) : 1 ... 554 555 556 557 558 559 560 561 562 563 [564] 565 566 567 568 569 570 571 572 573 574 ... | Result(s) : 43428 |
