| Page(s) : 1 ... 643 644 645 646 647 648 649 650 651 652 [653] 654 655 656 657 658 659 660 661 662 663 ... | Result(s) : 43432 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.1 | 2022-02-14 | CVE-2022-24976 | cve | Atheme IRC Services before 7.2.12, when used in conjunction with InspIRCd, allows authentication bypass by ending an IRC handshake at a certain point during a challenge-response... |
| 9.6 | 2022-02-12 | CVE-2022-0290 | cve | Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. |
| 9.6 | 2022-02-12 | CVE-2022-0097 | cve | Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow... |
| 9.8 | 2022-02-11 | CVE-2020-13675 | cve | Drupal's JSON:API and REST/File modules allow file uploads through their HTTP APIs. The modules do not correctly run all file validation, which causes an access bypass vuln... |
| 9.8 | 2022-02-11 | CVE-2021-31932 | cve | Nokia BTS TRS web console FTM_W20_FP2_2019.08.16_0010 allows Authentication Bypass. A malicious unauthenticated user can get access to all the functionalities exposed via the we... |
| 9.8 | 2022-02-11 | CVE-2020-36062 | cve | Dairy Farm Shop Management System v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised. |
| 9.8 | 2022-02-11 | CVE-2021-22801 | cve | A CWE-269: Improper Privilege Management vulnerability exists that could cause an arbitrary command execution when the software is configured with specially crafted event action... |
| 9.8 | 2022-02-11 | CVE-2021-46361 | cve | An issue in the Freemark Filter of Magnolia CMS v6.2.11 and below allows attackers to bypass security restrictions and execute arbitrary code via a crafted FreeMarker payload. |
| 9.8 | 2022-02-11 | CVE-2021-34235 | cve | Tokheim Profleet DiaLOG 11.005.02 is affected by SQL Injection. The component is the Field__UserLogin parameter on the logon page. |
| 9.8 | 2022-02-11 | CVE-2021-22802 | cve | A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution due to missing length check on user supplied data, when a c... |
| 9.8 | 2022-02-11 | CVE-2021-22803 | cve | A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could lead to remote code execution through a number of paths, when an attacker, writes arbi... |
| 9.8 | 2022-02-11 | CVE-2020-14521 | cve | Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious code execution vulnerability. A malicious attacker could use this vulnerability to... |
| 9.1 | 2022-02-11 | CVE-2021-22805 | cve | A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of ... |
| 9.8 | 2022-02-11 | CVE-2020-14523 | cve | Multiple Mitsubishi Electric Factory Automation products have a vulnerability that allows an attacker to execute arbitrary code. |
| 9.8 | 2022-02-11 | CVE-2021-23555 | cve | The package vm2 before 3.9.6 are vulnerable to Sandbox Bypass via direct access to host error objects generated by node internals during generation of a stacktraces, which can l... |
| 9.8 | 2022-02-11 | CVE-2021-20001 | cve | It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu blend, before 2.12.16 configured insecure permissions for the user web shares (~/... |
| 9.8 | 2022-02-11 | CVE-2020-26728 | cve | A vulnerability was discovered in Tenda AC9 v3.0 V15.03.06.42_multi and Tenda AC9 V1.0 V15.03.05.19(6318)_CN which allows for remote code execution via shell metacharacters in t... |
| 9.8 | 2022-02-11 | CVE-2021-46362 | cve | A Server-Side Template Injection (SSTI) vulnerability in the Registration and Forgotten Password forms of Magnolia v6.2.3 and below allows attackers to execute arbitrary code vi... |
| 9.1 | 2022-02-11 | CVE-2021-22823 | cve | A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause deletion of arbitrary files in the context of the user running IGSS due to lack of ... |
| 9.9 | 2022-02-11 | CVE-2021-42940 | cve | A Cross Site Scripting (XSS) vulnerability exists in Projeqtor 9.3.1 via /projeqtor/tool/saveAttachment.php, which allows an attacker to upload a SVG file containing malicious J... |
| Page(s) : 1 ... 643 644 645 646 647 648 649 650 651 652 [653] 654 655 656 657 658 659 660 661 662 663 ... | Result(s) : 43432 |
