| Page(s) : 1 2 3 4 5 6 [7] 8 9 10 11 12 13 14 15 16 17 ... | Result(s) : 172947 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2021-10-25 | CVE-2021-35231 | cve | As a result of an unquoted service path vulnerability present in the Kiwi Syslog Server Installation Wizard, a local attacker could gain escalated privileges by inserting an exe... |
| N/A | 2021-10-25 | CVE-2021-38294 | cve | A Command Injection vulnerability exists in the getTopologyHistory service of the Apache Storm 2.x prior to 2.2.1 and Apache Storm 1.x prior to 1.2.4. A specially crafted thrift... |
| N/A | 2021-10-25 | CVE-2021-40865 | cve | An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x use... |
| N/A | 2021-10-25 | CVE-2021-40371 | cve | Gridpro Request Management for Windows Azure Pack before 2.0.7912 allows Directory Traversal for remote code execution, as demonstrated by ..\\ in a scriptName JSON value to Ser... |
| N/A | 2021-10-25 | CVE-2021-21703 | cve | In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child wor... |
| N/A | 2021-10-22 | CVE-2021-42258 | cve | BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution, as exploited in the wild in October 2021 for ransomware... |
| N/A | 2021-10-22 | CVE-2021-42836 | cve | GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack. |
| 6.1 | 2021-10-22 | CVE-2021-29835 | cve | IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web ... |
| 5.9 | 2021-10-22 | CVE-2021-41171 | cve | eLabFTW is an open source electronic lab notebook manager for research teams. In versions of eLabFTW before 4.1.0, it allows attackers to bypass a brute-force protection mechani... |
| N/A | 2021-10-22 | CVE-2021-42556 | cve | Rasa X before 0.42.4 allows Directory Traversal during archive extraction. In the functionality that allows a user to load a trained model archive, an attacker has arbitrary wri... |
| 8.8 | 2021-10-22 | CVE-2021-42840 | cve | SuiteCRM before 7.11.19 allows remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, logger_file_name c... |
| N/A | 2021-10-22 | CVE-2020-23036 | cve | MEDIA NAVI Inc SMACom v1.2 was discovered to contain an insecure session validation vulnerability in the session handling of the `password` authentication parameter of the wifi ... |
| N/A | 2021-10-22 | CVE-2020-23037 | cve | Portable Ltd Playable v9.18 contains a code injection vulnerability in the filename parameter, which allows attackers to execute arbitrary web scripts or HTML via a crafted POST... |
| N/A | 2021-10-22 | CVE-2020-23038 | cve | Swift File Transfer Mobile v1.1.2 and below was discovered to contain an information disclosure vulnerability in the path parameter. This vulnerability is exploited via an error... |
| N/A | 2021-10-22 | CVE-2020-23039 | cve | Folder Lock v3.4.5 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Create Folder function under the 'create' module. This vulnerabil... |
| N/A | 2021-10-22 | CVE-2020-23040 | cve | Sky File v2.1.0 contains a directory traversal vulnerability in the FTP server which allows attackers to access sensitive data and files via 'null' path commands. |
| N/A | 2021-10-22 | CVE-2020-23041 | cve | Dropouts Technologies LLP Air Share v1.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the path parameter of the `list` and `download` exception-handli... |
| N/A | 2021-10-22 | CVE-2020-23042 | cve | Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability in the path parameter of the `list` and `download` module. Thi... |
| N/A | 2021-10-22 | CVE-2020-23043 | cve | Tran Tu Air Sender v1.0.2 was discovered to contain an arbitrary file upload vulnerability in the upload module. This vulnerability allows attackers to execute arbitrary code vi... |
| N/A | 2021-10-22 | CVE-2020-23044 | cve | DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component file_pic_view.php via the `activepath`, `keyword`, `tag`, `fmdo=x... |
| Page(s) : 1 2 3 4 5 6 [7] 8 9 10 11 12 13 14 15 16 17 ... | Result(s) : 172947 |
