| Page(s) : 1 ... 616 617 618 619 620 621 622 623 624 625 [626] 627 628 629 630 631 632 633 634 635 636 ... | Result(s) : 43431 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2022-03-28 | CVE-2021-26599 | cve | ImpressCMS before 1.4.3 allows include/findusers.php groups SQL Injection. |
| 9.8 | 2022-03-28 | CVE-2022-26258 | cve | D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp. |
| 9.8 | 2022-03-28 | CVE-2022-26255 | cve | Clash for Windows v0.19.8 was discovered to allow arbitrary code execution via a crafted payload injected into the Proxies name column. |
| 9.8 | 2022-03-28 | CVE-2022-25757 | cve | In Apache APISIX before 2.13.0, when decoding JSON with duplicate keys, lua-cjson will choose the last occurred value as the result. By passing a JSON with a duplicate key, the ... |
| 9.8 | 2022-03-28 | CVE-2022-23884 | cve | Mojang Bedrock Dedicated Server 1.18.2 is affected by an integer overflow leading to a bound check bypass caused by PurchaseReceiptPacket::_read (packet deserializer). |
| 9.8 | 2022-03-28 | CVE-2022-0342 | cve | An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, AT... |
| 9.8 | 2022-03-28 | CVE-2022-23882 | cve | TuziCMS 2.0.6 is affected by SQL injection in \App\Manage\Controller\BannerController.class.php. |
| 10 | 2022-03-28 | CVE-2021-46433 | cve | In fenom 2.12.1 and before, there is a way in fenom/src/Fenom/Template.php function getTemplateCode()to bypass sandbox to execute arbitrary PHP code when disable_native_funcs is... |
| 9.8 | 2022-03-28 | CVE-2022-26278 | cve | Tenda AC9 v15.03.2.21_cn was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function. |
| 9.8 | 2022-03-28 | CVE-2003-5001 | cve | A vulnerability was found in ISS BlackICE PC Protection and classified as critical. Affected by this issue is the component Cross Site Scripting Detection. The manipulation as p... |
| 9.8 | 2022-03-28 | CVE-2022-0735 | cve | An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from ... |
| 9.1 | 2022-03-28 | CVE-2022-0249 | cve | A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked. |
| 9.8 | 2022-03-28 | CVE-2022-0787 | cve | The Limit Login Attempts (Spam Protection) WordPress plugin before 5.1 does not sanitise and escape some parameters before using them in SQL statements via AJAX actions (availab... |
| 9.8 | 2022-03-28 | CVE-2022-0846 | cve | The SpeakOut! Email Petitions WordPress plugin before 2.14.15.1 does not sanitise and escape the id parameter before using it in a SQL statement via the dk_speakout_sendmail AJA... |
| 9.8 | 2022-03-28 | CVE-2021-25070 | cve | The Block Bad Bots WordPress plugin before 6.88 does not properly sanitise and escape the User Agent before using it in a SQL statement to record logs, leading to an SQL Injecti... |
| 9.8 | 2022-03-28 | CVE-2022-0479 | cve | The Popup Builder WordPress plugin before 4.1.1 does not sanitise and escape the sgpb-subscription-popup-id parameter before using it in a SQL statement in the All Subscribers a... |
| 9.8 | 2022-03-28 | CVE-2022-0784 | cve | The Title Experiments Free WordPress plugin before 9.0.1 does not sanitise and escape the id parameter before using it in a SQL statement via the wpex_titles AJAX action (availa... |
| 9.8 | 2022-03-28 | CVE-2022-0679 | cve | The Narnoo Distributor WordPress plugin through 2.5.1 fails to validate and sanitize the lib_path parameter before it is passed into a call to require() via the narnoo_distribut... |
| 9.1 | 2022-03-27 | CVE-2022-1106 | cve | use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2. |
| 9.8 | 2022-03-27 | CVE-2022-26245 | cve | Falcon-plus v0.3 was discovered to contain a SQL injection vulnerability via the parameter grpName in /config/service/host.go. |
| Page(s) : 1 ... 616 617 618 619 620 621 622 623 624 625 [626] 627 628 629 630 631 632 633 634 635 636 ... | Result(s) : 43431 |
