| Page(s) : 1 ... 658 659 660 661 662 663 664 665 666 667 [668] 669 670 671 672 673 674 675 676 677 678 ... | Result(s) : 43434 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2022-01-14 | CVE-2021-38682 | cve | A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute... |
| 9.8 | 2022-01-14 | CVE-2022-23218 | cve | The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating ... |
| 9.8 | 2022-01-14 | CVE-2022-23219 | cve | The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating... |
| 9.8 | 2022-01-14 | CVE-2021-33962 | cve | China Mobile An Lianbao WF-1 router v1.0.1 is affected by an OS command injection vulnerability in the web interface /api/ZRUsb/pop_usb_device component. |
| 9.8 | 2022-01-14 | CVE-2022-23227 | cve | NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handle_import... |
| 9.8 | 2022-01-14 | CVE-2022-0224 | cve | dolibarr is vulnerable to Improper Neutralization of Special Elements used in an SQL Command |
| 9.8 | 2022-01-14 | CVE-2021-45468 | cve | Imperva Web Application Firewall (WAF) before 2021-12-23 allows remote unauthenticated attackers to use "Content-Encoding: gzip" to evade WAF security controls and send maliciou... |
| 9.8 | 2022-01-14 | CVE-2021-44530 | cve | An injection vulnerability exists in a third-party library used in UniFi Network Version 6.5.53 and earlier (Log4J CVE-2021-44228) allows a malicious actor to control the applic... |
| 9.8 | 2022-01-14 | CVE-2021-39623 | cve | In doRead of SimpleDecodingSource.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additi... |
| 9.8 | 2022-01-14 | CVE-2021-1049 | cve | Hacker one bug ID: 1343975Product: AndroidVersions: Android SoCAndroid ID: A-204256722 |
| 9.8 | 2022-01-14 | CVE-2022-22056 | cve | The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire admin... |
| 9.1 | 2022-01-14 | CVE-2021-28506 | cve | An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could potentially allow a factory reset of th... |
| 9.8 | 2022-01-13 | CVE-2022-22989 | cve | My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP service that could be exploited by unauthenticated attackers on the network. Addresse... |
| 9.8 | 2022-01-13 | CVE-2022-23131 | cve | In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the sessio... |
| 9.8 | 2022-01-13 | CVE-2021-34993 | cve | This vulnerability allows remote attackers to bypass authentication on affected installations of Commvault CommCell 11.22.22. Authentication is not required to exploit this vuln... |
| 9.8 | 2022-01-13 | CVE-2021-33046 | cve | Some Dahua products have access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwo... |
| 9.1 | 2022-01-13 | CVE-2022-22988 | cve | File and directory permissions have been corrected to prevent unintended users from modifying or accessing resources. It would be more difficult for an authenticated attacker to... |
| 9.8 | 2022-01-13 | CVE-2021-45807 | cve | jpress v4.2.0 is vulnerable to command execution via io.jpress.web.admin._AddonController::doUploadAndInstall. |
| 9.8 | 2022-01-13 | CVE-2021-40722 | cve | AEM Forms Cloud Service offering, as well as version 6.5.10.0 (and below) are affected by an XML External Entity (XXE) injection vulnerability that could be abused by an attacke... |
| 9.8 | 2022-01-12 | CVE-2021-45411 | cve | In Sourcecodetester Printable Staff ID Card Creator System 1.0 after compromising the database via SQLi, an attacker can log in and leverage an arbitrary file upload vulnerabili... |
| Page(s) : 1 ... 658 659 660 661 662 663 664 665 666 667 [668] 669 670 671 672 673 674 675 676 677 678 ... | Result(s) : 43434 |
