| Page(s) : 1 ... 689 690 691 692 693 694 695 696 697 698 [699] 700 701 702 703 704 705 706 707 708 709 ... | Result(s) : 43439 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2021-11-05 | CVE-2021-42668 | cve | A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter in the my_classmates.php web page.. As a result, an attacker can extra... |
| 9.8 | 2021-11-05 | CVE-2021-42670 | cve | A SQL injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter to the announcements_student.php web page. As a result a malicious use... |
| 9.8 | 2021-11-05 | CVE-2021-42665 | cve | An SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the login form inside of index.php, which can allow an attacker to bypass authentication. |
| 9.1 | 2021-11-04 | CVE-2021-21687 | cve | Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not check agent-to-controller access to create symbolic links when unarchiving a symbolic link in FilePath#untar. |
| 9.8 | 2021-11-04 | CVE-2021-21693 | cve | When creating temporary files, agent-to-controller access to create those files is only checked after they've been created in Jenkins 2.318 and earlier, LTS 2.303.2 and ear... |
| 9.1 | 2021-11-04 | CVE-2021-21697 | cve | Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allows any agent to read and write the contents of any build directory stored in Jenkins with very few restrictions. |
| 9.8 | 2021-11-04 | CVE-2021-21694 | cve | FilePath#toURI, FilePath#hasSymlink, FilePath#absolutize, FilePath#isDescendant, and FilePath#get*DiskSpace do not check any permissions in Jenkins 2.318 and earlier, LTS 2.303.... |
| 9.1 | 2021-11-04 | CVE-2021-21685 | cve | Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not check agent-to-controller access to create parent directories in FilePath#mkdirs. |
| 9.8 | 2021-11-04 | CVE-2020-25368 | cve | A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts v... |
| 9.8 | 2021-11-04 | CVE-2021-21696 | cve | Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not limit agent read/write access to the libs/ directory inside build directories when using the FilePath APIs, allowing ... |
| 9.8 | 2021-11-04 | CVE-2020-25367 | cve | A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts v... |
| 9.1 | 2021-11-04 | CVE-2021-21689 | cve | FilePath#unzip and FilePath#untar were not subject to any agent-to-controller access control in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier. |
| 9.1 | 2021-11-04 | CVE-2020-25366 | cve | An issue in the component /cgi-bin/upload_firmware.cgi of D-Link DIR-823G REVA1 1.02B05 allows attackers to cause a denial of service (DoS) via unspecified vectors. |
| 9.8 | 2021-11-04 | CVE-2021-40119 | cve | A vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite could allow an unauthenticated, remote attacker to log in to an affected system as the root u... |
| 9.8 | 2021-11-04 | CVE-2021-21692 | cve | FilePath#renameTo and FilePath#moveAllChildrenTo in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier only check 'read' agent-to-controller access permission on the s... |
| 9.8 | 2021-11-04 | CVE-2021-40113 | cve | Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) could allow an ... |
| 9.8 | 2021-11-04 | CVE-2021-34795 | cve | Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) could allow an ... |
| 9.1 | 2021-11-04 | CVE-2021-43400 | cve | An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call. |
| 9.8 | 2021-11-04 | CVE-2021-21691 | cve | Creating symbolic links is possible without the 'symlink' agent-to-controller access control permission in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier. |
| 9.8 | 2021-11-04 | CVE-2021-21690 | cve | Agent processes are able to completely bypass file path filtering by wrapping the file operation in an agent file path in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier. |
| Page(s) : 1 ... 689 690 691 692 693 694 695 696 697 698 [699] 700 701 702 703 704 705 706 707 708 709 ... | Result(s) : 43439 |
