Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 2 3 4 5 6 [7] 8 9 10 11 12 13 14 15 16 17 ... Result(s) : 169754

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
3.3 2020-05-26 CVE-2020-12394 cve A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the inp...
7.8 2020-05-26 CVE-2020-12393 cve The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used t...
N/A 2020-05-26 CVE-2020-11970 cve ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. ...
N/A 2020-05-26 CVE-2020-10751 cve A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. T...
6.5 2020-05-26 CVE-2020-10719 cve A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advan...
N/A 2020-05-26 VU#127371 VU-CERT iOS contains an unspecified kernel vulnerability
5.5 2020-05-26 CVE-2020-3812 cve qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability. A local attacker can test for the existence of files and directories anywhere in the f...
7.5 2020-05-26 CVE-2020-3811 cve qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability.
6.1 2020-05-25 CVE-2020-13486 cve The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection.
9.1 2020-05-25 CVE-2020-13485 cve The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header.
8.1 2020-05-25 CVE-2020-13482 cve EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname i...
5.4 2020-05-25 CVE-2020-13459 cve An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There is stored XSS in the Bulk Resize action.
8.8 2020-05-25 CVE-2020-13458 cve An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action.
9.8 2020-05-25 CVE-2020-13442 cve A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. An attacker can upload a PHP file via dext5handler.jsp handler because the uploaded fil...
9.8 2020-05-25 CVE-2020-5537 cve Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code execution via unspecified vectors.
6.5 2020-05-24 CVE-2020-13440 cve ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c.
6.5 2020-05-24 CVE-2020-13439 cve ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c.
6.5 2020-05-24 CVE-2020-13438 cve ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c.
7.5 2020-05-24 CVE-2020-13435 cve SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.
7.5 2020-05-24 CVE-2020-13434 cve SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
Page(s) : 1 2 3 4 5 6 [7] 8 9 10 11 12 13 14 15 16 17 ... Result(s) : 169754