| Page(s) : 1 2 3 4 5 [6] 7 8 9 10 11 12 13 14 15 16 ... | Result(s) : 173172 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 6.3 | 2020-08-03 | CVE-2020-4328 | cve | IBM Financial Transaction Manager 3.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, ad... |
| 4.3 | 2020-08-03 | CVE-2019-4589 | cve | IBM Cognos Analytics 11.0 and 11.1 is vulnerable to privlege escalation where the "My schedules and subscriptions" page is visible and accessible to a less privileged user. IBM ... |
| 5.3 | 2020-08-03 | CVE-2019-4366 | cve | IBM Cognos Analytics 11.0 and 11.1 is susceptible to an information disclosure vulnerability where an attacker could gain access to cached browser data. IBM X-Force ID: 161748. |
| 5.7 | 2020-07-31 | CVE-2020-5414 | cve | VMware Tanzu Application Service for VMs (2.7.x versions prior to 2.7.19, 2.8.x versions prior to 2.8.13, and 2.9.x versions prior to 2.9.7) contains an App Autoscaler that logs... |
| 9.8 | 2020-07-31 | CVE-2020-5413 | cve | Spring Integration framework provides Kryo Codec implementations as an alternative for Java (de)serialization. When Kryo is configured with default options, all unregistered cla... |
| 8.8 | 2020-07-31 | CVE-2020-5396 | cve | VMware GemFire versions prior to 9.10.0, 9.9.2, 9.8.7, and 9.7.6, and VMware Tanzu GemFire for VMs versions prior to 1.11.1 and 1.10.2, when deployed without a SecurityManager, ... |
| N/A | 2020-07-31 | CVE-2020-15871 | cve | Sonatype Nexus Repository Manager OSS/Pro version before 3.25.1 allows Remote Code Execution. |
| N/A | 2020-07-31 | CVE-2020-15870 | cve | Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS (Issue 2 of 2). |
| N/A | 2020-07-31 | CVE-2020-15869 | cve | Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS (issue 1 of 2). |
| 6 | 2020-07-31 | CVE-2020-14311 | cve | There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an ar... |
| 6 | 2020-07-31 | CVE-2020-14310 | cve | There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verif... |
| N/A | 2020-07-31 | CVE-2019-11286 | cve | VMware GemFire versions prior to 9.10.0, 9.9.1, 9.8.5, and 9.7.5, and VMware Tanzu GemFire for VMs versions prior to 1.11.0, 1.10.1, 1.9.2, and 1.8.2, contain a JMX service avai... |
| N/A | 2020-07-31 | CVE-2020-5384 | cve | Authentication Bypass Vulnerability RSA MFA Agent 2.0 for Microsoft Windows contains an Authentication Bypass vulnerability. A local unauthenticated attacker could potentially e... |
| N/A | 2020-07-31 | CVE-2020-15134 | cve | Faye before version 1.4.0, there is a lack of certification validation in TLS handshakes. Faye uses em-http-request and faye-websocket in the Ruby version of its client. Those l... |
| N/A | 2020-07-31 | CVE-2020-15133 | cve | In faye-websocket before version 0.11.0, there is a lack of certification validation in TLS handshakes. The `Faye::WebSocket::Client` class uses the `EM::Connection#start_tls` m... |
| 6.3 | 2020-07-31 | CVE-2020-15128 | cve | In OctoberCMS before version 1.0.468, encrypted cookie values were not tied to the name of the cookie the value belonged to. This meant that certain classes of attacks that took... |
| 7.7 | 2020-07-31 | CVE-2020-16136 | cve | In tgstation-server 4.4.0 and 4.4.1, an authenticated user with permission to download logs can download any file on the server machine (accessible by the owner of the server pr... |
| N/A | 2020-07-31 | CVE-2020-12081 | cve | An information disclosure vulnerability has been identified in FlexNet Publisher lmadmin.exe 11.14.0.2. The web portal link can be used to access to system files or other import... |
| 6.5 | 2020-07-31 | CVE-2020-9249 | cve | HUAWEI P30 smartphones with versions earlier than 10.1.0.160(C00E160R2P11) have a denial of service vulnerability. A module does not deal with mal-crafted messages and it leads ... |
| 6.7 | 2020-07-31 | CVE-2020-9248 | cve | Huawei FusionComput 8.0.0 have an improper authorization vulnerability. A module does not verify some input correctly and authorizes files with incorrect access. Attackers can e... |
| Page(s) : 1 2 3 4 5 [6] 7 8 9 10 11 12 13 14 15 16 ... | Result(s) : 173172 |
