Page(s) : 1 ... 596 597 598 599 600 601 602 603 604 605 [606] 607 608 609 610 611 612 613 614 615 616 ... Result(s) : 43431

Alerts Feed Alerts

SEVERITY DATE NAME CATEGORIES DETAIL
9.8 2022-05-01 CVE-2022-25842 cve All versions of package com.alibaba.oneagent:one-java-agent-plugin are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) using a specially crafted archive tha...
9.8 2022-05-01 CVE-2022-25301 cve All versions of package jsgui-lang-essentials are vulnerable to Prototype Pollution due to allowing all Object attributes to be altered, including their magical attributes such ...
9.9 2022-04-30 CVE-2021-42001 cve PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure. An attacker capable of exploiting this vulnerability ...
9.8 2022-04-29 CVE-2022-29906 cve The admin API module in the QuizGame extension for MediaWiki through 1.37.2 (before 665e33a68f6fa1167df99c0aa18ed0157cdf9f66) omits a check for the quizadmin user.
9.8 2022-04-29 CVE-2022-29904 cve The SemanticDrilldown extension for MediaWiki through 1.37.2 (before e688bdba6434591b5dff689a45e4d53459954773) allows SQL injection with certain '-' and '_' ...
9.8 2022-04-29 CVE-2022-1531 cve SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in GitHub repository rtxteam/rtx prior to checkpoint_2022-04-20. This vulnerability is critical as it can le...
9.8 2022-04-29 CVE-2021-44596 cve Wondershare LTD Dr. Fone as of 2021-12-06 version is affected by Remote code execution. Due to software design flaws an unauthenticated user can communicate over UDP with the "I...
9.8 2022-04-29 CVE-2022-28994 cve Small HTTP Server version 3.06 suffers from a remote buffer overflow vulnerability via long GET request.
9.8 2022-04-29 CVE-2022-28480 cve ALLMediaServer 1.6 is vulnerable to Buffer Overflow via MediaServer.exe.
9.8 2022-04-29 CVE-2021-43938 cve Elcomplus SmartPTT SCADA Server is vulnerable because an unauthenticated user can request various files from the server without any authentication or authorization.
9.8 2022-04-29 CVE-2022-28452 cve Red Planet Laundry Management System 1.0 is vulnerable to SQL Injection.
9.1 2022-04-28 CVE-2021-41945 cve Encode OSS httpx < 0.23.0 is affected by improper input validation in `httpx.URL`, `httpx.Client` and some functions using `httpx.URL.copy_with`.
9.8 2022-04-28 CVE-2022-24449 cve Solar appScreener through 3.10.4, when a valid license is not present, allows XXE and SSRF attacks via a crafted XML document.
9.8 2022-04-28 CVE-2022-29556 cve The iot-manager microservice 1.0.0 in Northern.tech Mender Enterprise before 3.2.2 allows SSRF because the Azure IoT Hub integration provides several SSRF primitives that can ex...
9.8 2022-04-28 CVE-2022-29081 cve Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360 before 5401 are vulnerable to access-control bypass on a few Rest API URLs (for ...
9.8 2022-04-28 CVE-2021-43934 cve Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate upload requests, enabling a malicious user to potentially upload arbitrary files.
9 2022-04-28 CVE-2022-28101 cve Turtlapp Turtle Note v0.7.2.6 does not filter the tag during markdown parsing, allowing attackers to execute HTML injection.
9.8 2022-04-28 CVE-2022-28719 cve Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote unauthenticated attacker with some knowledge on the system configuration to upload ...
9.8 2022-04-28 CVE-2021-41921 cve novel-plus V3.6.1 allows unrestricted file uploads. Unrestricted file suffixes and contents can lead to server attacks and arbitrary code execution.
9.1 2022-04-28 CVE-2022-28114 cve DSCMS v3.0 was discovered to contain an arbitrary file deletion vulnerability via /controller/Adv.php.