Page(s) : 1 ... 726 727 728 729 730 731 732 733 734 735 [736] 737 738 739 740 741 742 743 744 745 746 ... | Result(s) : 43489 |
Alerts
SCORE | DATE | NAME | CATEGORIES | DETAIL |
---|---|---|---|---|
9.8 | 2021-08-11 | CVE-2020-25560 | cve | In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. Once the access is available, th... |
9.8 | 2021-08-11 | CVE-2020-25563 | cve | In SapphireIMS 5.0, it is possible to create local administrator on any client without requiring any credentials by directly accessing RemoteMgmtTaskSave (Automation Tasks) feat... |
9.8 | 2021-08-11 | CVE-2020-25565 | cve | In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. Once the access is available, th... |
9.8 | 2021-08-11 | CVE-2020-25566 | cve | In SapphireIMS 5.0, it is possible to take over an account by sending a request to the Save_Password form as shown in POC. Notice that we do not require a JSESSIONID in this req... |
9.8 | 2021-08-10 | CVE-2021-38383 | cve | OwnTone (aka owntone-server) through 28.1 has a use-after-free in net_bind() in misc.c. |
9.8 | 2021-08-10 | CVE-2021-38140 | cve | The set_user extension module before 2.0.1 for PostgreSQL allows a potential privilege escalation using RESET SESSION AUTHORIZATION after set_user(). |
9.8 | 2021-08-10 | CVE-2021-20032 | cve | SonicWall Analytics 2.5 On-Prem is vulnerable to Java Debug Wire Protocol (JDWP) interface security misconfiguration vulnerability which potentially leads to Remote Code Executi... |
9.1 | 2021-08-10 | CVE-2021-37425 | cve | Altova MobileTogether Server before 7.3 SP1 allows XXE attacks, such as an InfoSetChanges/Changes attack against /workflowmanagement, or reading mobiletogetherserver.cfg and the... |
9.8 | 2021-08-10 | CVE-2021-32943 | cve | The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code on the WebAccess/SCADA (WebAccess/SCADA versi... |
9.8 | 2021-08-10 | VU#608209 | VU-CERT | NicheStack embedded TCP/IP has vulnerabilities |
9.8 | 2021-08-10 | CVE-2021-38384 | cve | Serverless Offline 8.0.0 returns a 403 HTTP status code for a route that has a trailing / character, which might cause a developer to implement incorrect access control, because... |
9.8 | 2021-08-09 | CVE-2021-21564 | cve | Dell OpenManage Enterprise versions prior to 3.6.1 contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability... |
9.8 | 2021-08-09 | CVE-2021-22910 | cve | A sanitization vulnerability exists in Rocket.Chat server versions |
9.8 | 2021-08-09 | CVE-2021-24507 | cve | The Astra Pro Addon WordPress plugin before 3.5.2 did not properly sanitise or escape some of the POST parameters from the astra_pagination_infinite and astra_shop_pagination_in... |
9.8 | 2021-08-09 | CVE-2021-24499 | cve | The Workreap WordPress theme before 2.2.2 AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform nonce checks, or validate that the reque... |
9.6 | 2021-08-09 | CVE-2021-32798 | cve | The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a dep... |
9.8 | 2021-08-09 | CVE-2014-9320 | cve | SAP BusinessObjects Edge 4.1 allows remote attackers to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and consequently gain SYSTEM privileges via vectors involving CORB... |
9.8 | 2021-08-09 | CVE-2020-23151 | cve | rConfig 3.9.5 allows command injection by sending a crafted GET request to lib/ajaxHandlers/ajaxArchiveFiles.php since the path parameter is passed directly to the exec function... |
9.8 | 2021-08-09 | CVE-2013-6276 | cve | QNAP F_VioCard 2312 and F_VioGate 2308 have hardcoded entries in authorized_keys files. NOTE: 1. All active models are not affected. The last affected model was EOL since 2010. ... |
9.6 | 2021-08-09 | CVE-2021-32797 | cve | JupyterLab is a user interface for Project Jupyter which will eventually replace the classic Jupyter Notebook. In affected versions untrusted notebook can execute code on load. ... |