| Page(s) : 1 ... 725 726 727 728 729 730 731 732 733 734 [735] 736 737 738 739 740 741 742 743 744 745 ... | Result(s) : 43489 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2021-08-11 | CVE-2020-25566 | cve | In SapphireIMS 5.0, it is possible to take over an account by sending a request to the Save_Password form as shown in POC. Notice that we do not require a JSESSIONID in this req... |
| 9.8 | 2021-08-11 | CVE-2020-25565 | cve | In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. Once the access is available, th... |
| 9.8 | 2021-08-11 | CVE-2020-25563 | cve | In SapphireIMS 5.0, it is possible to create local administrator on any client without requiring any credentials by directly accessing RemoteMgmtTaskSave (Automation Tasks) feat... |
| 9.8 | 2021-08-11 | CVE-2020-25560 | cve | In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. Once the access is available, th... |
| 9.8 | 2021-08-11 | CVE-2020-21359 | cve | An arbitrary file upload vulnerability in the Template Upload function of Maccms10 allows attackers bypass the suffix whitelist verification to execute arbitrary code via adding... |
| 9.1 | 2021-08-11 | CVE-2021-33794 | cve | Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 allow information disclosure or an application crash after mishandling the Tab key during XFA form interaction. |
| 9.8 | 2021-08-11 | CVE-2021-33793 | cve | Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write because the Cross-Reference table is mishandled during Office document conversion. |
| 9.8 | 2021-08-11 | CVE-2021-23421 | cve | All versions of package merge-change are vulnerable to Prototype Pollution via the utils.set function. |
| 9.8 | 2021-08-11 | CVE-2021-38574 | cve | An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows SQL Injection via crafted data at the end of a string. |
| 9.8 | 2021-08-11 | CVE-2021-38573 | cve | An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows writing to arbitrary files because a CombineFiles pathname is not validated. |
| 9.8 | 2021-08-11 | CVE-2021-38572 | cve | An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows writing to arbitrary files because the extractPages pathname is not validated. |
| 9.1 | 2021-08-11 | CVE-2021-38570 | cve | An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows attackers to delete arbitrary files (during uninstallation) via a symlink. |
| 9.8 | 2021-08-11 | CVE-2021-38568 | cve | An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows memory corruption during conversion of a PDF document to a different document format. |
| 9.1 | 2021-08-11 | CVE-2021-38564 | cve | An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Editor before 11.0.1. It allows an out-of-bounds read via util.scand. |
| 9.1 | 2021-08-11 | CVE-2019-25052 | cve | In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a crash that could leak... |
| 9.8 | 2021-08-11 | CVE-2021-38530 | cve | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK40 before 2.5.1.16, RBR40 before 2.5.1.16, RBS40 before 2.5.1.16, RBK20... |
| 9.8 | 2021-08-11 | CVE-2021-38529 | cve | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D7800 before 1.0.1.56, R7800 before 1.0.2.68, R8900 before 1.0.4.26, and R... |
| 9.8 | 2021-08-11 | CVE-2021-38528 | cve | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D8500 before 1.0.3.58, R6900P before 1.3.2.132, R7000P before 1.3.2.132, R... |
| 9.8 | 2021-08-11 | CVE-2021-38527 | cve | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects CBR40 before 2.5.0.14, EX6100v2 before 1.0.1.98, EX6150v2 before 1.0.1.98,... |
| 9.8 | 2021-08-11 | CVE-2021-38513 | cve | Certain NETGEAR devices are affected by authentication bypass. This affects RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, RBS850 before 3.2.10.11, CBR40 before 2.5.0.10, EAX... |
| Page(s) : 1 ... 725 726 727 728 729 730 731 732 733 734 [735] 736 737 738 739 740 741 742 743 744 745 ... | Result(s) : 43489 |
