| Page(s) : 1 ... 695 696 697 698 699 700 701 702 703 704 [705] 706 707 708 709 710 711 712 713 714 715 ... | Result(s) : 43441 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2021-10-22 | CVE-2021-42169 | cve | The Simple Payroll System with Dynamic Tax Bracket in PHP using SQLite Free Source Code (by: oretnom23 ) is vulnerable from remote SQL-Injection-Bypass-Authentication for the ad... |
| 9.8 | 2021-10-22 | CVE-2021-38459 | cve | The data of a network capture of the initial handshake phase can be used to authenticate at a SYSDBA level. If a specific .exe is not restarted often, it is possible to access t... |
| 9.8 | 2021-10-22 | CVE-2020-28960 | cve | Chichen Tech CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the file product_list.php via the id and cid parameters. |
| 9.1 | 2021-10-22 | CVE-2021-38453 | cve | Some API functions allow interaction with the registry, which includes reading values as well as data modification. |
| 9.8 | 2021-10-22 | CVE-2021-38457 | cve | The server permits communication without any authentication procedure, allowing the attacker to initiate a session with the server without providing any form of authentication. |
| 9.8 | 2021-10-22 | CVE-2020-23037 | cve | Portable Ltd Playable v9.18 contains a code injection vulnerability in the filename parameter, which allows attackers to execute arbitrary web scripts or HTML via a crafted POST... |
| 9.8 | 2021-10-22 | CVE-2021-38449 | cve | Some API functions permit by-design writing or copying data into a given buffer. Since the client controls these parameters, an attacker could rewrite the memory in any location... |
| 9.8 | 2021-10-21 | CVE-2020-27304 | cve | The CivetWeb web library does not validate uploaded filepaths when running on an OS other than Windows, when using the built-in HTTP form-based file upload mechanism, via the mg... |
| 9.8 | 2021-10-21 | CVE-2021-42740 | cve | The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows driv... |
| 9.1 | 2021-10-20 | CVE-2021-42764 | cve | The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to cause a denial of service (delayed consensus decisions), and also increase the pro... |
| 9.1 | 2021-10-20 | CVE-2021-1980 | cve | Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Elect... |
| 9.8 | 2021-10-20 | CVE-2021-41163 | cve | Discourse is an open source platform for community discussion. In affected versions maliciously crafted requests could lead to remote code execution. This resulted from a lack o... |
| 9.1 | 2021-10-20 | CVE-2021-42766 | cve | The Proof-of-Stake (PoS) Ethereum consensus protocol through 2021-10-19 allows an adversary to cause a denial of service (long-range consensus chain reorganizations), even when ... |
| 9.8 | 2021-10-20 | CVE-2021-21749 | cve | ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code. |
| 9.1 | 2021-10-20 | CVE-2021-1977 | cve | Possible buffer over read due to improper validation of frame length while processing AEAD decryption during ASSOC response in Snapdragon Auto, Snapdragon Compute, Snapdragon Co... |
| 9.1 | 2021-10-20 | CVE-2021-30304 | cve | Possible buffer out of bound read can occur due to improper validation of TBTT count and length while parsing the beacon response in Snapdragon Compute, Snapdragon Connectivity,... |
| 9.8 | 2021-10-20 | CVE-2021-23452 | cve | This affects all versions of package x-assign. The global proto object can be polluted using the __proto__ object. |
| 9.8 | 2021-10-20 | CVE-2021-21748 | cve | ZTE MF971R product has two stack-based buffer overflow vulnerabilities. An attacker could exploit the vulnerabilities to execute arbitrary code. |
| 9 | 2021-10-19 | CVE-2021-31372 | cve | An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated J-Web attacker to escalate their privileges to root over the targ... |
| 9.8 | 2021-10-19 | CVE-2021-31349 | cve | The usage of an internal HTTP header created an authentication bypass vulnerability (CWE-287), allowing an attacker to view internal files, change settings, manipulate services ... |
| Page(s) : 1 ... 695 696 697 698 699 700 701 702 703 704 [705] 706 707 708 709 710 711 712 713 714 715 ... | Result(s) : 43441 |
