Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 708 709 710 711 712 713 714 715 716 717 [718] 719 720 721 722 723 724 725 726 727 728 ... Result(s) : 43486

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
9.8 2021-09-22 CVE-2021-37927 cve Zoho ManageEngine ADManager Plus version 7110 and prior allows account takeover via SSO.
9.8 2021-09-22 CVE-2021-37925 cve Zoho ManageEngine ADManager Plus version 7110 and prior has a Post-Auth OS command injection vulnerability.
9.8 2021-09-21 CVE-2021-37424 cve ManageEngine ADSelfService Plus before 6112 is vulnerable to domain user account takeover.
9.8 2021-09-21 CVE-2021-28960 cve Zoho ManageEngine Desktop Central before build 10.0.683 allows unauthenticated command injection due to improper handling of an input command in on-demand operations.
9.8 2021-09-21 CVE-2021-0869 cve In GetTimeStampAndPkt of DumpstateDevice.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no addition...
9.8 2021-09-21 CVE-2021-31917 cve A flaw was found in Red Hat DataGrid 8.x (8.0.0, 8.0.1, 8.1.0 and 8.1.1) and Infinispan (10.0.0 through 12.0.0). An attacker could bypass authentication on all REST endpoints wh...
9.8 2021-09-21 CVE-2021-23444 cve This affects the package jointjs before 3.4.2. A type confusion vulnerability can lead to a bypass of CVE-2020-28480 when the user-provided keys used in the path parameter are a...
10 2021-09-20 CVE-2020-26301 cve ssh2 is client and server modules written in pure JavaScript for node.js. In ssh2 before version 1.4.0 there is a command injection vulnerability. The issue only exists on Windo...
9.1 2021-09-20 CVE-2021-24638 cve The OMGF WordPress plugin before 4.5.4 does not escape or validate the handle parameter of the REST API, which allows unauthenticated users to perform path traversal and overwri...
9.8 2021-09-20 CVE-2021-24741 cve The Support Board WordPress plugin before 3.3.4 does not escape multiple POST parameters (such as status_code, department, user_id, conversation_id, conversation_status_code, an...
9.8 2021-09-20 CVE-2021-40674 cve An SQL injection vulnerability exists in Wuzhi CMS v4.1.0 via the KeyValue parameter in coreframe/app/order/admin/index.php.
9.8 2021-09-18 CVE-2021-41393 cve Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations.
10 2021-09-17 CVE-2021-1976 cve A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consu...
9.8 2021-09-17 CVE-2021-23442 cve This affects all versions of package @cookiex/deep. The global proto object can be polluted using the __proto__ object.
9.8 2021-09-17 CVE-2021-41317 cve XSS Hunter Express before 2021-09-17 does not properly enforce authentication requirements for paths.
9.8 2021-09-17 CVE-2021-39228 cve Tremor is an event processing system for unstructured data. A vulnerability exists between versions 0.7.2 and 0.11.6. This vulnerability is a memory safety Issue when using `pat...
9.8 2021-09-17 CVE-2021-41326 cve In MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shell_exec call.
9.8 2021-09-17 CVE-2021-41392 cve static/main-preload.js in Boost Note through 0.22.0 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC i...
9.9 2021-09-17 CVE-2020-12083 cve An elevated privileges issue related to Spring MVC calls impacts Code Insight v7.x releases up to and including 2020 R1 (7.11.0-64).
9.8 2021-09-17 CVE-2021-39227 cve ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. In versions prior to 5.2.1, using `merge` and `clone` helper methods in the `src/core/util.ts` mod...
Page(s) : 1 ... 708 709 710 711 712 713 714 715 716 717 [718] 719 720 721 722 723 724 725 726 727 728 ... Result(s) : 43486