| Page(s) : 1 ... 647 648 649 650 651 652 653 654 655 656 [657] 658 659 660 661 662 663 664 665 666 667 ... | Result(s) : 43432 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2022-02-06 | CVE-2022-22832 | cve | An issue was discovered in Servisnet Tessa 0.0.2. Authorization data is available via an unauthenticated /data-service/users/ request. |
| 9.8 | 2022-02-05 | CVE-2021-38172 | cve | perM 0.4.0 has a Buffer Overflow related to strncpy. (Debian initially fixed this in 0.4.0-7.) |
| 9.8 | 2022-02-04 | CVE-2022-0365 | cve | The affected product is vulnerable to an authenticated OS command injection, which may allow an attacker to inject and execute arbitrary shell commands as the Admin (root) user. |
| 9.8 | 2022-02-04 | CVE-2021-28503 | cve | The impact of this vulnerability is that Arista's EOS eAPI may skip re-evaluating user credentials when certificate based authentication is used, which allows remote attack... |
| 9.8 | 2022-02-04 | CVE-2022-22987 | cve | The affected product has a hardcoded private key available inside the project folder, which may allow an attacker to achieve Web Server login and perform further actions. |
| 9.8 | 2022-02-04 | CVE-2022-23611 | cve | iTunesRPC-Remastered is a Discord Rich Presence for iTunes on Windows utility. In affected versions iTunesRPC-Remastered did not properly sanitize image file paths leading to OS... |
| 9.8 | 2022-02-04 | CVE-2021-44779 | cve | Unauthenticated SQL Injection (SQLi) vulnerability discovered in [GWA] AutoResponder WordPress plugin (versions |
| 9.3 | 2022-02-04 | CVE-2021-21965 | cve | A denial of service vulnerability exists in the SeaMax remote configuration functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. Specially-crafted network packets ca... |
| 9.8 | 2022-02-04 | CVE-2022-23614 | cve | Twig is an open source template language for PHP. When in a sandbox mode, the `arrow` parameter of the `sort` filter must be a closure to avoid attackers being able to run arbit... |
| 9.8 | 2022-02-04 | CVE-2021-29393 | cve | Remote Code Execution in cominput.jsp and comoutput.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to inject and execute arb... |
| 9.8 | 2022-02-04 | CVE-2022-23587 | cve | Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation fo... |
| 9.8 | 2022-02-04 | CVE-2021-29396 | cve | Systemic Insecure Permissions in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to use various functionalities without authentication. |
| 9.1 | 2022-02-04 | CVE-2022-23609 | cve | iTunesRPC-Remastered is a Discord Rich Presence for iTunes on Windows utility. In affected versions iTunesRPC-Remastered did not properly sanitize user input used to remove file... |
| 9.8 | 2022-02-04 | CVE-2021-23470 | cve | This affects the package putil-merge before 3.8.0. The merge() function does not check the values passed into the argument. An attacker can supply a malicious value by adjusting... |
| 10 | 2022-02-04 | CVE-2021-21961 | cve | A stack-based buffer overflow vulnerability exists in the NBNS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted network packet can lead to re... |
| 10 | 2022-02-04 | CVE-2021-21960 | cve | A stack-based buffer overflow vulnerability exists in both the LLMNR functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted network packet can lead... |
| 9.8 | 2022-02-04 | CVE-2022-23379 | cve | Emlog v6.0 was discovered to contain a SQL injection vulnerability via the $TagID parameter of getblogidsfromtagid(). |
| 9.8 | 2022-02-04 | CVE-2021-23497 | cve | This affects the package @strikeentco/set before 1.0.2. It allows an attacker to cause a denial of service and may lead to remote code execution. **Note:** This vulnerability de... |
| 9.8 | 2022-02-04 | CVE-2021-23507 | cve | The package object-path-set before 1.0.2 are vulnerable to Prototype Pollution via the setPath method, as it allows an attacker to merge object prototypes into it. *Note:* This ... |
| 9.8 | 2022-02-04 | CVE-2021-36152 | cve | Apache Gobblin trusts all certificates used for LDAP connections in Gobblin-as-a-Service. This affects versions |
| Page(s) : 1 ... 647 648 649 650 651 652 653 654 655 656 [657] 658 659 660 661 662 663 664 665 666 667 ... | Result(s) : 43432 |
