| Page(s) : 1 ... 724 725 726 727 728 729 730 731 732 733 [734] 735 736 737 738 739 740 741 742 743 744 ... | Result(s) : 43489 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2021-08-13 | CVE-2021-32071 | cve | The MiCollab Client service in Mitel MiCollab before 9.3 could allow an unauthenticated user to gain system access due to improper access control. A successful exploit could all... |
| 9.8 | 2021-08-13 | CVE-2021-36380 | cve | Sunhillo SureLine before 8.7.0.1.1 allows Unauthenticated OS Command Injection via shell metacharacters in ipAddr or dnsAddr /cgi/networkDiag.cgi. |
| 9.1 | 2021-08-13 | CVE-2021-3352 | cve | The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 could allow an unauthenticated attacker to access (view ... |
| 9.8 | 2021-08-13 | CVE-2020-18753 | cve | An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to gain access to the system and escalate privileges via a crafted packet. |
| 9.8 | 2021-08-12 | CVE-2021-31556 | cve | An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. MWOAuthConsumerSubmitControl.php does not ensure that the length of an RSA key will fit in a MySQL b... |
| 9.8 | 2021-08-12 | CVE-2021-29377 | cve | Pear Admin Think through 2.1.2 has an arbitrary file upload vulnerability that allows attackers to execute arbitrary code remotely. A .php file can be uploaded via admin.php/ind... |
| 9.8 | 2021-08-12 | CVE-2021-28890 | cve | J2eeFAST 2.2.1 allows remote attackers to perform SQL injection via the (1) compId parameter to fast/sys/user/list, (2) deptId parameter to fast/sys/role/list, or (3) roleId par... |
| 9.8 | 2021-08-12 | CVE-2021-28121 | cve | Virtual Robots.txt before 1.10 does not block HTML tags in the robots.txt field. |
| 9.8 | 2021-08-12 | CVE-2020-36363 | cve | Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, which some entities consider to be weak ciphers. |
| 9.3 | 2021-08-12 | CVE-2021-36958 | cve | A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this v... |
| 9.8 | 2021-08-12 | CVE-2020-28165 | cve | The EasyCorp ZenTao PMS 12.4.2 application suffers from an arbitrary file upload vulnerability. An attacker can upload arbitrary webshell to the server by using the downloadZipP... |
| 9.8 | 2021-08-12 | CVE-2021-37222 | cve | Parsers in the open source project RCDCAP before 1.0.5 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) vi... |
| 9.8 | 2021-08-12 | CVE-2021-38606 | cve | reNgine through 0.5 relies on a predictable directory name. |
| 9.8 | 2021-08-12 | CVE-2021-20509 | cve | IBM Maximo Asset Management 7.6.0 and 7.6.1 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper vali... |
| 9.8 | 2021-08-12 | CVE-2021-20314 | cve | Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF ... |
| 9.8 | 2021-08-12 | CVE-2020-20975 | cve | In \lib\admin\action\dataaction.class.php in Gxlcms v1.1, SQL Injection exists via the $filename parameter. |
| 9.8 | 2021-08-12 | CVE-2021-31698 | cve | Quectel EG25-G devices through 202006130814 allow executing arbitrary code remotely by using an AT command to place shell metacharacters in quectel_handle_fumo_cfg input in atfw... |
| 9.8 | 2021-08-12 | CVE-2021-33199 | cve | In Expression Engine before 6.0.3, addonIcon in Addons/file/mod.file.php relies on the untrusted input value of input->get('file') instead of the fixed file names of i... |
| 9.8 | 2021-08-12 | CVE-2020-20979 | cve | An arbitrary file upload vulnerability in the move_uploaded_file() function of LJCMS v4.3 allows attackers to execute arbitrary code. |
| 9.8 | 2021-08-12 | CVE-2021-37599 | cve | The exporter/Login.aspx login form in the Exporter in Nuance Winscribe Dictation 4.1.0.99 is vulnerable to SQL injection that allows a remote, unauthenticated attacker to read t... |
| Page(s) : 1 ... 724 725 726 727 728 729 730 731 732 733 [734] 735 736 737 738 739 740 741 742 743 744 ... | Result(s) : 43489 |
