| Page(s) : 1 ... 673 674 675 676 677 678 679 680 681 682 [683] 684 685 686 687 688 689 690 691 692 693 ... | Result(s) : 43434 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2021-12-14 | CVE-2021-44949 | cve | glFusion CMS 1.7.9 is affected by an access control vulnerability via /public_html/users.php. |
| 9.8 | 2021-12-14 | CVE-2021-42064 | cve | If configured to use an Oracle database and if a query is created using the flexible search java api with a parameterized "in" clause, SAP Commerce - versions 1905, 2005, 2105, ... |
| 9.8 | 2021-12-14 | CVE-2021-44042 | cve | An issue was discovered in UiPath Assistant 21.4.4. User-controlled data supplied to the --process-start argument of the URI handler for uipath-assistant:// is not correctly enc... |
| 9.1 | 2021-12-14 | CVE-2021-44523 | cve | A vulnerability has been identified in SiPass integrated V2.76 (All versions), SiPass integrated V2.80 (All versions), SiPass integrated V2.85 (All versions), Siveillance Identi... |
| 9.8 | 2021-12-14 | CVE-2021-44538 | cve | The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties... |
| 9 | 2021-12-14 | CVE-2021-45046 | cve | It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Th... |
| 9.8 | 2021-12-14 | CVE-2021-44041 | cve | UiPath Assistant 21.4.4 will load and execute attacker controlled data from the file path supplied to the --dev-widget argument of the URI handler for uipath-assistant://. This ... |
| 9.1 | 2021-12-14 | CVE-2021-44935 | cve | glFusion CMS v1.7.9 is affected by an arbitrary user impersonation vulnerability in /public_html/comment.php. The attacker can complete the attack remotely without interaction. |
| 9.1 | 2021-12-13 | CVE-2021-39063 | cve | IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitiv... |
| 9.8 | 2021-12-13 | CVE-2021-24857 | cve | The ToTop Link WordPress plugin through 1.7.1 passes base64 encoded user input to the unserialize() PHP function, which could lead to PHP Object injection if a plugin installed ... |
| 9.8 | 2021-12-13 | CVE-2021-32024 | cve | A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of th... |
| 9 | 2021-12-13 | CVE-2021-24922 | cve | The Pixel Cat WordPress plugin before 2.6.2 does not have CSRF check when saving its settings, and did not sanitise as well as escape some of them, which could allow attacker to... |
| 9.8 | 2021-12-13 | CVE-2021-24863 | cve | The WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots WordPress plugin before 6.67 does not sanitise and escape the User Agent before u... |
| 9.8 | 2021-12-13 | CVE-2021-22279 | cve | A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has acc... |
| 9.8 | 2021-12-13 | CVE-2021-39052 | cve | IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the Spring Boot console without authorization. IBM X-Force ID: 214523. |
| 9.8 | 2021-12-13 | CVE-2021-39065 | cve | IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied in... |
| 9.8 | 2021-12-13 | CVE-2021-24946 | cve | The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitise and escape the time parameter before using it in a SQL statement in the mec_load_single_page AJAX... |
| 9.8 | 2021-12-13 | CVE-2021-44966 | cve | SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System 1.2 via index.php. An attacker can log in as an admin account of this system an... |
| 9.8 | 2021-12-13 | CVE-2021-24951 | cve | The LearnPress WordPress plugin before 4.1.4 does not sanitise, validate and escape the id parameter before using it in SQL statements when duplicating course/lesson/quiz/questi... |
| 9.8 | 2021-12-13 | CVE-2021-24045 | cve | A type confusion vulnerability could be triggered when resolving the "typeof" unary operator in Facebook Hermes prior to v0.10.0. Note that this is only exploitable if the appli... |
| Page(s) : 1 ... 673 674 675 676 677 678 679 680 681 682 [683] 684 685 686 687 688 689 690 691 692 693 ... | Result(s) : 43434 |
