| Page(s) : 1 ... 696 697 698 699 700 701 702 703 704 705 [706] 707 708 709 710 711 712 713 714 715 716 ... | Result(s) : 43441 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.1 | 2021-10-19 | CVE-2021-38470 | cve | InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to an attacker using a ping tool to inject commands into the device. This may allow the a... |
| 9 | 2021-10-19 | CVE-2021-31382 | cve | On PTX1000 System, PTX10002-60C System, after upgrading to an affected release, a Race Condition vulnerability between the chassis daemon (chassisd) and firewall process (dfwd) ... |
| 9.8 | 2021-10-19 | CVE-2021-38462 | cve | InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 does not enforce an efficient password policy. This may allow an attacker with obtained user credentials... |
| 9.1 | 2021-10-19 | CVE-2021-31381 | cve | A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause th... |
| 9.1 | 2021-10-19 | CVE-2020-12141 | cve | An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier allows an attacker to cause a denial of service and potentially disclose information via crafted SNMP packe... |
| 9 | 2021-10-19 | CVE-2021-31372 | cve | An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated J-Web attacker to escalate their privileges to root over the targ... |
| 9.8 | 2021-10-19 | CVE-2021-30820 | cve | A logic issue was addressed with improved state management. This issue is fixed in iOS 14.8 and iPadOS 14.8. A remote attacker may be able to cause arbitrary code execution. |
| 9.8 | 2021-10-19 | CVE-2021-31349 | cve | The usage of an internal HTTP header created an authentication bypass vulnerability (CWE-287), allowing an attacker to view internal files, change settings, manipulate services ... |
| 10 | 2021-10-19 | CVE-2021-31384 | cve | Due to a Missing Authorization weakness and Insufficient Granularity of Access Control in a specific device configuration, a vulnerability exists in Juniper Networks Junos OS on... |
| 9.8 | 2021-10-18 | CVE-2021-42575 | cve | The OWASP Java HTML Sanitizer before 20211018.1 does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements. |
| 9.8 | 2021-10-18 | CVE-2021-41153 | cve | The evm crate is a pure Rust implementation of Ethereum Virtual Machine. In `evm` crate `< 0.31.0`, `JUMPI` opcode's condition is checked after the destination validity che... |
| 9.8 | 2021-10-18 | CVE-2021-42576 | cve | The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python (in pybluemonday), does not properly enforce policies associated with the SELECT, STYLE, and OPTION el... |
| 9.8 | 2021-10-18 | CVE-2021-22961 | cve | A code injection vulnerability exists within the firewall software of GlassWire v2.1.167 that could lead to arbitrary code execution from a file in the user path on first execut... |
| 9.8 | 2021-10-18 | CVE-2021-38389 | cve | Advantech WebAccess versions 9.02 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code. |
| 9.8 | 2021-10-18 | CVE-2021-38297 | cve | Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used. |
| 9.8 | 2021-10-18 | CVE-2021-33023 | cve | Advantech WebAccess versions 9.02 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code. |
| 10 | 2021-10-18 | CVE-2021-23449 | cve | This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitrary code on the host machine. |
| 9.8 | 2021-10-15 | CVE-2021-3878 | cve | corenlp is vulnerable to Improper Restriction of XML External Entity Reference |
| 9.8 | 2021-10-15 | CVE-2021-3881 | cve | libmobi is vulnerable to Out-of-bounds Read |
| 9.8 | 2021-10-15 | CVE-2021-27561 | cve | Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication. |
| Page(s) : 1 ... 696 697 698 699 700 701 702 703 704 705 [706] 707 708 709 710 711 712 713 714 715 716 ... | Result(s) : 43441 |
