| Page(s) : 1 ... 619 620 621 622 623 624 625 626 627 628 [629] 630 631 632 633 634 635 636 637 638 639 ... | Result(s) : 43431 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2022-03-23 | CVE-2022-23881 | cve | ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution (RCE) vulnerability via danger_key() at zzz_template.php. |
| 9.8 | 2022-03-23 | CVE-2022-23880 | cve | An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file. |
| 9.8 | 2022-03-23 | CVE-2022-25222 | cve | Money Transfer Management System Version 1.0 allows an unauthenticated user to inject SQL queries in 'admin/maintenance/manage_branch.php' and 'admin/maintenance/... |
| 9.8 | 2022-03-23 | CVE-2022-24293 | cve | Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution. |
| 9.8 | 2022-03-23 | CVE-2022-24292 | cve | Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution. |
| 9.1 | 2022-03-23 | CVE-2022-22952 | cve | VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains a file upload vulnerability. A malicious ac... |
| 9.1 | 2022-03-23 | CVE-2022-22951 | cve | VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains an OS command injection vulnerability. An a... |
| 9.8 | 2022-03-23 | CVE-2022-0888 | cve | The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/includes/ajax/con... |
| 9.8 | 2022-03-23 | CVE-2021-27476 | cve | A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow for OS command injection. This vulnerability may allow a remote, unauthenticated ... |
| 9.8 | 2022-03-23 | CVE-2021-27470 | cve | A deserialization vulnerability exists in how the LogService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnera... |
| 9.8 | 2022-03-23 | CVE-2021-27468 | cve | The AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a remo... |
| 9.8 | 2022-03-23 | CVE-2021-27466 | cve | A deserialization vulnerability exists in how the ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vul... |
| 9.8 | 2022-03-23 | CVE-2021-27464 | cve | The ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier exposes functions lacking proper authentication. This vulnerability may allow a ... |
| 9.8 | 2022-03-23 | CVE-2021-27460 | cve | Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting endpoints that deserialize untrusted data without sufficiently verifying that the... |
| 9.8 | 2022-03-23 | CVE-2021-27462 | cve | A deserialization vulnerability exists in how the AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnera... |
| 9.8 | 2022-03-23 | CVE-2022-24934 | cve | wpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 allows remote code execution by modifying HKEY_CURRENT_USER in the registry. |
| 9.8 | 2022-03-23 | CVE-2021-27428 | cve | GE UR IED firmware versions prior to version 8.1x supports upgrading firmware using UR Setup configuration tool – Enervista UR Setup. This UR Setup tool validates the authentici... |
| 9.8 | 2022-03-23 | CVE-2021-27426 | cve | GE UR IED firmware versions prior to version 8.1x with “Basic” security variant does not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Fac... |
| 9.8 | 2022-03-22 | CVE-2021-41736 | cve | Faust v2.35.0 was discovered to contain a heap-buffer overflow in the function realPropagate() at propagate.cpp. |
| 9.8 | 2022-03-22 | CVE-2021-43650 | cve | WebRun 3.6.0.42 is vulnerable to SQL Injection via the P_0 parameter used to set the username during the login process. |
| Page(s) : 1 ... 619 620 621 622 623 624 625 626 627 628 [629] 630 631 632 633 634 635 636 637 638 639 ... | Result(s) : 43431 |
