Page(s) : 1 ... 628 629 630 631 632 633 634 635 636 637 [638] 639 640 641 642 643 644 645 646 647 648 ... | Result(s) : 43431 |
Alerts
SCORE | DATE | NAME | CATEGORIES | DETAIL |
---|---|---|---|---|
9.8 | 2022-03-14 | CVE-2022-0658 | cve | The CommonsBooking WordPress plugin before 2.6.8 does not sanitise and escape the location parameter of the calendar_data AJAX action (available to unauthenticated users) before... |
9.8 | 2022-03-14 | CVE-2022-0254 | cve | The WordPress Zero Spam WordPress plugin before 5.2.11 does not properly sanitise and escape the order and orderby parameters before using them in a SQL statement in the admin d... |
9.8 | 2022-03-14 | CVE-2022-0169 | cve | The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the bwg_tag_id_bwg_thumbnails_0 parameter before using it in a SQL statement via the bwg_fr... |
9.8 | 2022-03-14 | CVE-2021-25007 | cve | The MOLIE WordPress plugin through 0.5 does not validate and escape a post parameter before using it in a SQL statement, leading to an SQL Injection |
9.8 | 2022-03-14 | CVE-2021-25003 | cve | The WPCargo Track & Trace WordPress plugin before 6.9.0 contains a file which could allow unauthenticated attackers to write a PHP file anywhere on the web server, leading to RCE |
9.1 | 2022-03-14 | CVE-2022-26320 | cve | The Rambus SafeZone Basic Crypto Module before 10.4.0, as used in certain Fujifilm (formerly Fuji Xerox) devices before 2022-03-01, Canon imagePROGRAF and imageRUNNER devices th... |
9.8 | 2022-03-14 | CVE-2022-21187 | cve | The package libvcs before 0.11.1 is vulnerable to Command Injection via argument injection. When calling the update_repo function (when using hg), the url parameter is passed t... |
9.8 | 2022-03-13 | CVE-2021-45887 | cve | An issue was discovered in PONTON X/P Messenger before 3.11.2. Due to path traversal in private/SchemaSetUpload.do for uploaded ZIP files, an executable script can be uploaded b... |
10 | 2022-03-12 | CVE-2022-24760 | cve | Parse Server is an open source http web server backend. In versions prior to 4.10.7 there is a Remote Code Execution (RCE) vulnerability in Parse Server. This vulnerability affe... |
9.3 | 2022-03-11 | CVE-2022-24096 | cve | Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code executio... |
9.8 | 2022-03-11 | CVE-2021-44618 | cve | A Server-side Template Injection (SSTI) vulnerability exists in Nystudio107 Seomatic 3.4.12 in src/helpers/UrlHelper.php via the host header. |
9.8 | 2022-03-11 | CVE-2022-24754 | cve | PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerabil... |
9.8 | 2022-03-11 | CVE-2021-44620 | cve | A Command Injection vulnerability exists in TOTOLINK A3100R |
9.8 | 2022-03-11 | CVE-2022-24433 | cve | The package simple-git before 3.3.0 is vulnerable to Command Injection via argument injection. When calling the .fetch(remote, branch, handlerFn) function, both the remote and ... |
9.8 | 2022-03-11 | CVE-2022-23730 | cve | The public API error causes the attacker to be able to bypass API access control. |
9.3 | 2022-03-11 | CVE-2022-24095 | cve | Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code executio... |
9.8 | 2022-03-11 | CVE-2022-21194 | cve | The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.2... |
9.1 | 2022-03-11 | CVE-2022-0860 | cve | Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2. |
9.3 | 2022-03-11 | CVE-2022-24097 | cve | Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in th... |
9.8 | 2022-03-11 | CVE-2022-23402 | cve | The following Yokogawa Electric products hard-code the password for CAMS server applications: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.00... |