| Page(s) : 1 ... 595 596 597 598 599 600 601 602 603 604 [605] 606 607 608 609 610 611 612 613 614 615 ... | Result(s) : 43431 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2022-05-02 | CVE-2022-1371 | cve | Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegf. This allows an attacker to inject arbitrary SQL queri... |
| 9.8 | 2022-05-02 | CVE-2022-1370 | cve | Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadREGbyID. This allows an attacker to inject arbitrary SQL qu... |
| 9.8 | 2022-05-02 | CVE-2022-1369 | cve | Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in ReadRegIND. This allows an attacker to inject arbitrary SQL que... |
| 9.8 | 2022-05-02 | CVE-2022-1367 | cve | Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in Handler_TCV.ashx. This allows an attacker to inject arbitrary S... |
| 9.1 | 2022-05-02 | CVE-2021-3643 | cve | A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to t... |
| 9.3 | 2022-05-02 | CVE-2021-42530 | cve | XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the ... |
| 9.8 | 2022-05-02 | CVE-2020-23621 | cve | The Java Remote Management Interface of all versions of SVI MS Management System was discovered to contain a vulnerability due to insecure deserialization of user-supplied conte... |
| 9.8 | 2022-05-02 | CVE-2020-23620 | cve | The Java Remote Management Interface of all versions of Orlansoft ERP was discovered to contain a vulnerability due to insecure deserialization of user-supplied content, which c... |
| 9.8 | 2022-05-02 | CVE-2022-0773 | cve | The Documentor WordPress plugin through 1.5.3 fails to sanitize and escape user input before it is being interpolated in an SQL statement and then executed, leading to an SQL In... |
| 9.8 | 2022-05-02 | CVE-2022-0783 | cve | The Multiple Shipping Address Woocommerce WordPress plugin before 2.0 does not properly sanitise and escape numerous parameters before using them in SQL statements via some AJAX... |
| 9.8 | 2022-05-02 | CVE-2022-1281 | cve | The Photo Gallery WordPress plugin through 1.6.3 does not properly escape the $_POST['filter_tag'] parameter, which is appended to an SQL query, making SQL Injection a... |
| 9.8 | 2022-05-02 | CVE-2022-28571 | cve | D-link 882 DIR882A1_FW130B06 was discovered to contain a command injection vulnerability in`/usr/bin/cli. |
| 9.8 | 2022-05-02 | CVE-2022-1366 | cve | Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability exists in HandlerChart.ashx. This allows an attacker to inject arbitrary ... |
| 9.8 | 2022-05-01 | CVE-2022-25301 | cve | All versions of package jsgui-lang-essentials are vulnerable to Prototype Pollution due to allowing all Object attributes to be altered, including their magical attributes such ... |
| 9.8 | 2022-05-01 | CVE-2022-25842 | cve | All versions of package com.alibaba.oneagent:one-java-agent-plugin are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) using a specially crafted archive tha... |
| 9.8 | 2022-05-01 | CVE-2022-25767 | cve | All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and ... |
| 9.8 | 2022-05-01 | CVE-2022-24437 | cve | The package git-pull-or-clone before 2.0.2 are vulnerable to Command Injection due to the use of the --upload-pack feature of git which is also supported for git clone. The sour... |
| 9.8 | 2022-05-01 | CVE-2022-21189 | cve | The package dexie before 3.2.2, from 4.0.0-alpha.1 and before 4.0.0-alpha.3 are vulnerable to Prototype Pollution in the Dexie.setByKeyPath(obj, keyPath, value) function which d... |
| 9.8 | 2022-05-01 | CVE-2022-28481 | cve | CSV-Safe gem < 3.0.0 doesn't filter out special characters which could trigger CSV Injection. |
| 9.8 | 2022-05-01 | CVE-2022-21167 | cve | All versions of package masuit.tools.core are vulnerable to Arbitrary Code Execution via the ReceiveVarData function in the SocketClient.cs component. The socket client in the p... |
| Page(s) : 1 ... 595 596 597 598 599 600 601 602 603 604 [605] 606 607 608 609 610 611 612 613 614 615 ... | Result(s) : 43431 |
