| Page(s) : 1 ... 728 729 730 731 732 733 734 735 736 737 [738] 739 740 741 742 743 744 745 746 747 748 ... | Result(s) : 43489 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2021-08-06 | CVE-2021-37544 | cve | In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization. |
| 9.8 | 2021-08-06 | CVE-2021-36707 | cve | In ProLink PRC2402M V1.0.18 and older, the set_ledonoff function in the adm.cgi binary, accessible with a page parameter value of ledonoff contains a trivial command injection w... |
| 9.8 | 2021-08-06 | CVE-2021-36706 | cve | In ProLink PRC2402M V1.0.18 and older, the set_sys_cmd function in the adm.cgi binary, accessible with a page parameter value of sysCMD contains a trivial command injection wher... |
| 9.8 | 2021-08-06 | CVE-2021-36705 | cve | In ProLink PRC2402M V1.0.18 and older, the set_TR069 function in the adm.cgi binary, accessible with a page parameter value of TR069 contains a trivial command injection where t... |
| 9.8 | 2021-08-06 | CVE-2021-36351 | cve | SQL Injection Vulnerability in Care2x Open Source Hospital Information Management 2.7 Alpha via the (1) pday, (2) pmonth, and (3) pyear parameters in GET requests sent to /modul... |
| 9.8 | 2021-08-06 | CVE-2021-36209 | cve | In JetBrains Hub before 2021.1.13389, account takeover was possible during password reset. |
| 9.8 | 2021-08-06 | CVE-2020-28088 | cve | An arbitrary file upload vulnerability in /jeecg-boot/sys/common/upload of jeecg-boot CMS 2.3 allows attackers to execute arbitrary code. |
| 9.8 | 2021-08-06 | CVE-2021-37388 | cve | A buffer overflow in D-Link DIR-615 C2 3.03WW. The ping_ipaddr parameter in ping_response.cgi POST request allows an attacker to crash the webserver and might even gain remote c... |
| 9.1 | 2021-08-06 | CVE-2021-20597 | cve | Insufficiently Protected Credentials vulnerability in Mitsubishi Electric MELSEC iQ-R series Safety CPU modules R08/16/32/120SFCPU firmware versions "26" and prior and Mitsubish... |
| 9.8 | 2021-08-05 | CVE-2021-26605 | cve | An improper input validation vulnerability in the service of ezPDFReader allows attacker to execute arbitrary command. This issue occurred when the ezPDF launcher received and e... |
| 9.8 | 2021-08-05 | CVE-2021-35327 | cve | A vulnerability in TOTOLINK A720R A720R_Firmware v4.1.5cu.470_B20200911 allows attackers to start the Telnet service, then login with the default credentials via a crafted POST ... |
| 9.8 | 2021-08-05 | CVE-2021-35324 | cve | A vulnerability in the Form_Login function of TOTOLINK A720R A720R_Firmware V4.1.5cu.470_B20200911 allows attackers to bypass authentication. |
| 9.8 | 2021-08-05 | CVE-2021-34371 | cve | Neo4j through 3.4.18 (with the shell server enabled) exposes an RMI service that arbitrarily deserializes Java objects, e.g., through setSessionVariable. An attacker can abuse t... |
| 9.8 | 2021-08-05 | CVE-2021-29978 | cve | Multiple low security issues were discovered and fixed in a security audit of Mozilla VPN 2.x branch as part of a 3rd party security audit. This vulnerability affects Mozilla VP... |
| 9.8 | 2021-08-05 | CVE-2021-29971 | cve | If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission. *... |
| 9.8 | 2021-08-05 | CVE-2021-21805 | cve | An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbit... |
| 9.8 | 2021-08-04 | CVE-2021-20028 | cve | Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products, specifically the SRA appliances runnin... |
| 9.8 | 2021-08-04 | CVE-2021-1609 | cve | Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an attacker ... |
| 9.8 | 2021-08-04 | CVE-2021-1602 | cve | A vulnerability in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacke... |
| 9.1 | 2021-08-04 | CVE-2021-36800 | cve | Akaunting version 2.1.12 and earlier suffers from a code injection issue in the Money.php component of the application. A POST sent to /{company_id}/sales/invoices/{invoice_id} ... |
| Page(s) : 1 ... 728 729 730 731 732 733 734 735 736 737 [738] 739 740 741 742 743 744 745 746 747 748 ... | Result(s) : 43489 |
