| Page(s) : 1 ... 674 675 676 677 678 679 680 681 682 683 [684] 685 686 687 688 689 690 691 692 693 694 ... | Result(s) : 43434 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2021-12-13 | CVE-2021-22279 | cve | A Missing Authentication vulnerability in RobotWare for the OmniCore robot controller allows an attacker to read and modify files on the robot controller if the attacker has acc... |
| 9.8 | 2021-12-13 | CVE-2021-24863 | cve | The WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots WordPress plugin before 6.67 does not sanitise and escape the User Agent before u... |
| 9.8 | 2021-12-13 | CVE-2021-43117 | cve | fastadmin v1.2.1 is affected by a file upload vulnerability which allows arbitrary code execution through shell access. |
| 9.8 | 2021-12-12 | CVE-2021-44833 | cve | The CLI 1.0.0 for Amazon AWS OpenSearch has weak permissions for the configuration file. |
| 9.8 | 2021-12-12 | CVE-2021-44515 | cve | Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterpri... |
| 9.8 | 2021-12-10 | CVE-2021-23639 | cve | The package md-to-pdf before 5.0.0 are vulnerable to Remote Code Execution (RCE) due to utilizing the library gray-matter to parse front matter content, without disabling the JS... |
| 9.8 | 2021-12-10 | CVE-2021-23700 | cve | All versions of package merge-deep2 are vulnerable to Prototype Pollution via the mergeDeep() function. |
| 9.8 | 2021-12-10 | CVE-2021-23561 | cve | All versions of package comb are vulnerable to Prototype Pollution via the deepMerge() function. |
| 9.8 | 2021-12-10 | CVE-2021-31746 | cve | Zip Slip vulnerability in Pluck-CMS Pluck 4.7.15 allows an attacker to upload specially crafted zip files, resulting in directory traversal and potentially arbitrary code execut... |
| 9.1 | 2021-12-10 | CVE-2021-38917 | cve | IBM PowerVM Hypervisor FW860, FW940, and FW950 could allow an attacker that gains service access to the FSP can read and write arbitrary host system memory through a series of c... |
| 9.8 | 2021-12-10 | CVE-2021-35978 | cve | An issue was discovered in Digi TransPort DR64, SR44 VC74, and WR. The ZING protocol allows arbitrary remote command execution with SUPER privileges. This allows an attacker (wi... |
| 9.8 | 2021-12-10 | CVE-2021-23663 | cve | All versions of package sey are vulnerable to Prototype Pollution via the deepmerge() function. |
| 9.1 | 2021-12-10 | CVE-2021-23463 | cve | The package com.h2database:h2 from 1.4.198 and before 2.0.202 are vulnerable to XML External Entity (XXE) Injection via the org.h2.jdbc.JdbcSQLXML class object, when it receives... |
| 10 | 2021-12-10 | CVE-2021-44228 | cve | Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect a... |
| 9.8 | 2021-12-10 | CVE-2021-27983 | cve | Remote Code Execution (RCE) vulnerability exists in MaxSite CMS v107.5 via the Documents page. |
| 9.8 | 2021-12-10 | CVE-2021-37934 | cve | Due to insufficient server-side login-attempt limit enforcement, a vulnerability in /account/login in Huntflow Enterprise before 3.10.14 could allow an unauthenticated, remote u... |
| 9.8 | 2021-12-09 | CVE-2021-44514 | cve | OpUtils in Zoho ManageEngine OpManager 12.5 before 125490 mishandles authentication for a few audit directories. |
| 9.9 | 2021-12-09 | CVE-2021-21954 | cve | A command execution vulnerability exists in the wifi_country_code_update functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of ... |
| 9.8 | 2021-12-09 | CVE-2021-20146 | cve | An unprotected ssh private key exists on the Gryphon devices which could be used to achieve root access to a server affiliated with Gryphon's development and infrastructure... |
| 9.8 | 2021-12-09 | CVE-2021-43608 | cve | Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of offset and length inputs to the generation of a LIMIT clause was not probably cast to an integer, allowing S... |
| Page(s) : 1 ... 674 675 676 677 678 679 680 681 682 683 [684] 685 686 687 688 689 690 691 692 693 694 ... | Result(s) : 43434 |
