| Page(s) : 1 ... 604 605 606 607 608 609 610 611 612 613 [614] 615 616 617 618 619 620 621 622 623 624 ... | Result(s) : 43431 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 10 | 2022-04-14 | CVE-2021-40422 | cve | An authentication bypass vulnerability exists in the device password generation functionality of Swift Sensors Gateway SG3-1010. A specially-crafted network request can lead to ... |
| 9 | 2022-04-13 | CVE-2021-42136 | cve | A stored Cross-Site Scripting (XSS) vulnerability in the Missing Data Codes functionality of REDCap before 11.4.0 allows remote attackers to execute JavaScript code in the clien... |
| 9.8 | 2022-04-13 | CVE-2021-22795 | cve | A CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote code execution when pe... |
| 9.8 | 2022-04-13 | CVE-2021-22794 | cve | A CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause remote code execution. Affected Product: ... |
| 9.8 | 2022-04-13 | CVE-2021-43741 | cve | CMSimple 5.4 is vulnerable to Directory Traversal. The vulnerability exists when a user changes the file name to malicious file on config.php leading to remote code execution. |
| 10 | 2022-04-13 | CVE-2022-24816 | cve | JAI-EXT is an open-source project which aims to extend the Java Advanced Imaging (JAI) API. Programs allowing Jiffle script to be provided via network request can lead to a Remo... |
| 9.8 | 2022-04-13 | CVE-2022-27479 | cve | Apache Superset before 1.4.2 is vulnerable to SQL injection in chart data requests. Users should update to 1.4.2 or higher which addresses this issue. |
| 9.8 | 2022-04-13 | CVE-2022-24788 | cve | Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. Versions of vyper prior to 0.3.2 suffer from a potential buffer overrun. Importing a function from ... |
| 9 | 2022-04-13 | CVE-2022-1345 | cve | Stored XSS viva .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it ca... |
| 9.8 | 2022-04-13 | CVE-2022-22956 | cve | VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE-2022-22956) in the OAuth2 ACS framework. A malicious actor may bypass the authent... |
| 9.8 | 2022-04-13 | CVE-2022-22955 | cve | VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE-2022-22956) in the OAuth2 ACS framework. A malicious actor may bypass the authent... |
| 9.8 | 2022-04-13 | CVE-2022-24845 | cve | Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In affected versions, the return of `.returns_int128()` is not validated to fall within the bounds ... |
| 9 | 2022-04-13 | CVE-2022-1344 | cve | Stored XSS due to no sanitization in the filename in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's ... |
| 9 | 2022-04-13 | CVE-2022-1346 | cve | Multiple Stored XSS in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to ses... |
| 9.8 | 2022-04-12 | CVE-2022-27163 | cve | CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Users_editUser |
| 9.8 | 2022-04-12 | CVE-2022-27263 | cve | An arbitrary file upload vulnerability in the file upload module of Strapi v4.1.5 allows attackers to execute arbitrary code via a crafted file. |
| 9.8 | 2022-04-12 | CVE-2022-27164 | cve | CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Users_viewUsers |
| 9.8 | 2022-04-12 | CVE-2022-27140 | cve | An arbitrary file upload vulnerability in the file upload module of express-fileupload 1.3.1 allows attackers to execute arbitrary code via a crafted PHP file. NOTE: the vendor&... |
| 9.8 | 2022-04-12 | CVE-2022-28036 | cve | AtomCMS 2.0 is vulnerable to SQL Injection via Atom.CMS_admin_ajax_navigation.php |
| 9.8 | 2022-04-12 | CVE-2022-27139 | cve | An arbitrary file upload vulnerability in the file upload module of Ghost v4.39.0 allows attackers to execute arbitrary code via a crafted SVG file. NOTE: Vendor states that as ... |
| Page(s) : 1 ... 604 605 606 607 608 609 610 611 612 613 [614] 615 616 617 618 619 620 621 622 623 624 ... | Result(s) : 43431 |
