| Page(s) : 1 ... 681 682 683 684 685 686 687 688 689 690 [691] 692 693 694 695 696 697 698 699 700 701 ... | Result(s) : 43436 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.1 | 2021-11-30 | CVE-2021-42115 | cve | Missing HTTPOnly flag in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version |
| 9.8 | 2021-11-30 | CVE-2021-41678 | cve | A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as the application database. An attacker can then issue the SQL command through the ... |
| 9.8 | 2021-11-29 | CVE-2021-44077 | cve | Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. ... |
| 9.8 | 2021-11-29 | CVE-2021-24915 | cve | The Contest Gallery WordPress plugin before 13.1.0.6 does not have capability checks and does not sanitise or escape the cg-search-user-name-original parameter before using it i... |
| 9.8 | 2021-11-29 | CVE-2021-43691 | cve | tripexpress v1.1 is affected by a path manipulation vulnerability in file system/helpers/dompdf/load_font.php. The variable src is coming from $_SERVER["argv"] then there is a p... |
| 9.8 | 2021-11-29 | CVE-2021-43693 | cve | vesta 0.9.8-24 is affected by a file inclusion vulnerability in file web/add/user/index.php. |
| 9.8 | 2021-11-29 | CVE-2021-44427 | cve | An unauthenticated SQL Injection vulnerability in Rosario Student Information System (aka rosariosis) before 8.1.1 allows remote attackers to execute PostgreSQL statements (e.g.... |
| 9.8 | 2021-11-28 | CVE-2021-44093 | cve | A Remote Command Execution vulnerability on the background in zrlog 2.2.2, at the upload avatar function, could bypass the original limit, upload the JSP file to get a WebShell |
| 9.8 | 2021-11-26 | CVE-2021-38685 | cve | A command injection vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows remote attackers to run arbitrary commands. We have a... |
| 9.8 | 2021-11-26 | CVE-2021-26611 | cve | HejHome GKW-IC052 IP Camera contained a hard-coded credentials vulnerability. This issue allows remote attackers to operate the IP Camera.(reboot, factory reset, snapshot etc..) |
| 9.8 | 2021-11-26 | CVE-2021-23654 | cve | This affects all versions of package html-to-csv. When there is a formula embedded in a HTML page, it gets accepted without any validation and the same would be pushed while con... |
| 9.8 | 2021-11-25 | CVE-2021-44223 | cve | WordPress before 5.8 lacks support for the Update URI plugin header. This makes it easier for remote attackers to execute arbitrary code via a supply-chain attack against WordPr... |
| 10 | 2021-11-24 | CVE-2021-3554 | cve | Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender Endpoint Security Tools for Linux as a relay role allows an attacker to manipulate t... |
| 9.8 | 2021-11-24 | CVE-2021-44219 | cve | Gin-Vue-Admin before 2.4.6 mishandles a SQL database. |
| 9.8 | 2021-11-24 | CVE-2021-34423 | cve | A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Black... |
| 9.1 | 2021-11-24 | CVE-2021-44140 | cve | Remote attackers may delete arbitrary files in a system hosting a JSPWiki instance, versions up to 2.11.0.M8, by using a carefuly crafted http request on logout, given that thos... |
| 9.8 | 2021-11-24 | CVE-2021-20850 | cve | PowerCMS XMLRPC API of PowerCMS 5.19 and earlier, PowerCMS 4.49 and earlier, PowerCMS 3.295 and earlier, and PowerCMS 2 Series (End-of-Life, EOL) allows a remote attacker to exe... |
| 9.8 | 2021-11-24 | CVE-2021-22049 | cve | The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access ... |
| 9.8 | 2021-11-24 | CVE-2021-36916 | cve | The SQL injection vulnerability in the Hide My WP WordPress plugin (versions |
| 9.3 | 2021-11-23 | CVE-2021-43019 | cve | Adobe Creative Cloud version 5.5 (and earlier) are affected by a privilege escalation vulnerability in the resources leveraged by the Setup.exe service. An unauthenticated attac... |
| Page(s) : 1 ... 681 682 683 684 685 686 687 688 689 690 [691] 692 693 694 695 696 697 698 699 700 701 ... | Result(s) : 43436 |
