| Page(s) : 1 ... 562 563 564 565 566 567 568 569 570 571 [572] 573 574 575 576 577 578 579 580 581 582 ... | Result(s) : 43429 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2022-06-14 | CVE-2022-27668 | cve | Depending on the configuration of the route permission table in file 'saprouttab', it is possible for an unauthenticated attacker to execute SAProuter administration c... |
| 9.8 | 2022-06-14 | CVE-2021-42675 | cve | Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution. |
| 9.8 | 2022-06-14 | CVE-2022-32352 | cve | Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient_admission. |
| 9.8 | 2022-06-14 | CVE-2022-32336 | cve | Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/view_menu.php?id=. |
| 9.8 | 2022-06-14 | CVE-2022-31311 | cve | An issue in adm.cgi of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to execute arbitrary commands via a crafted POST request. |
| 9.1 | 2022-06-14 | CVE-2022-27889 | cve | The Multipass service was found to have code paths that could be abused to cause a denial of service for authentication or authorization operations. A malicious attacker could p... |
| 9.8 | 2022-06-14 | CVE-2022-25167 | cve | Apache Flume versions 1.4.0 through 1.9.0 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an ... |
| 9.8 | 2022-06-14 | CVE-2022-31446 | cve | Tenda AC18 router V15.03.05.19 and V15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac. |
| 9.1 | 2022-06-14 | CVE-2022-32328 | cve | Fast Food Ordering System v1.0 is vulnerable to Delete any file. via /ffos/classes/Master.php?f=delete_img. |
| 10 | 2022-06-13 | CVE-2022-30310 | cve | In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-acknerr-request" POST request doesn’t check for port syntax. This can result in unau... |
| 10 | 2022-06-13 | CVE-2022-30309 | cve | In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-web-viewer-request-off" POST request doesn’t check for port syntax. This can result ... |
| 9.8 | 2022-06-13 | CVE-2022-30308 | cve | In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-web-viewer-request-on" POST request doesn’t check for port syntax. This can result i... |
| 9.8 | 2022-06-13 | CVE-2022-29247 | cve | Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6,... |
| 9.8 | 2022-06-13 | CVE-2022-31053 | cve | Biscuit is an authentication and authorization token for microservices architectures. The Biscuit specification version 1 contains a vulnerable algorithm that allows malicious a... |
| 9.8 | 2022-06-13 | CVE-2021-40036 | cve | The bone voice ID TA has a memory overwrite vulnerability. Successful exploitation of this vulnerability may result in malicious code execution. |
| 9.8 | 2022-06-13 | CVE-2021-41661 | cve | Church Management System version 1.0 is affected by a SQL anjection vulnerability through creating a user with a PHP file as an avatar image, which is accessible through the /up... |
| 9.8 | 2022-06-13 | CVE-2021-41662 | cve | The South Gate Inn Online Reservation System v1.0 contains an SQL injection vulnerability that can be chained with a malicious PHP file upload, which is caused by improper file ... |
| 9.8 | 2022-06-13 | CVE-2022-29797 | cve | There is a buffer overflow vulnerability in CV81-WDM FW 01.70.49.29.46. Successful exploitation of this vulnerability may lead to privilege escalation. |
| 9.1 | 2022-06-13 | CVE-2021-40604 | cve | A Server-Side Request Forgery (SSRF) vulnerability in IPS Community Suite before 4.6.2 allows remote authenticated users to request arbitrary URLs or trigger deserialization via... |
| 9.8 | 2022-06-13 | CVE-2022-33175 | cve | Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an insecure permissions setting on the user.token field that is accessible to everyon... |
| Page(s) : 1 ... 562 563 564 565 566 567 568 569 570 571 [572] 573 574 575 576 577 578 579 580 581 582 ... | Result(s) : 43429 |
