| Page(s) : 1 ... 738 739 740 741 742 743 744 745 746 747 [748] 749 750 751 752 753 754 755 756 757 758 ... | Result(s) : 43525 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.1 | 2021-07-14 | CVE-2021-22779 | cve | Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control ... |
| 9.8 | 2021-07-13 | CVE-2020-22875 | cve | Integer overflow vulnerability in function Jsi_ObjSetLength in jsish before 3.0.6, allows remote attackers to execute arbitrary code. |
| 9.8 | 2021-07-13 | CVE-2020-11307 | cve | Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapd... |
| 9.8 | 2021-07-13 | CVE-2021-1965 | cve | Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Sn... |
| 9.8 | 2021-07-13 | CVE-2021-34552 | cve | Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer over... |
| 9.8 | 2021-07-13 | CVE-2020-22884 | cve | Buffer overflow vulnerability in function jsvGetStringChars in Espruino before RELEASE_2V09, allows remote attackers to execute arbitrary code. |
| 9.8 | 2021-07-13 | CVE-2020-22874 | cve | Integer overflow vulnerability in function Jsi_ObjArraySizer in jsish before 3.0.8, allows remote attackers to execute arbitrary code. |
| 9.8 | 2021-07-13 | CVE-2020-22873 | cve | Buffer overflow vulnerability in function NumberToPrecisionCmd in jsish before 3.0.7, allows remote attackers to execute arbitrary code. |
| 9.8 | 2021-07-13 | CVE-2021-36124 | cve | An issue was discovered in Echo ShareCare 8.15.5. It does not perform authentication or authorization checks when accessing a subset of sensitive resources, leading to the abili... |
| 9.8 | 2021-07-13 | CVE-2021-33578 | cve | Echo ShareCare 8.15.5 is susceptible to SQL injection vulnerabilities when processing remote input from both authenticated and unauthenticated users, leading to the ability to b... |
| 9.8 | 2021-07-13 | CVE-2021-21994 | cve | SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue t... |
| 9.1 | 2021-07-13 | CVE-2021-31217 | cve | In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM. |
| 9.8 | 2021-07-12 | CVE-2020-18980 | cve | Remote Code Executon vulnerability in Halo 0.4.3 via the remoteAddr and themeName parameters. |
| 9.8 | 2021-07-12 | CVE-2021-32726 | cve | Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, webauthn tokens were not deleted after a user has been delet... |
| 9.8 | 2021-07-12 | CVE-2021-24442 | cve | The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1.5.3 did not sanitise, escape or validate the date_answers[] POST parameter before using it in a SQL s... |
| 9.6 | 2021-07-12 | CVE-2021-26088 | cve | An improper authentication vulnerability in FSSO Collector version 5.0.295 and below may allow an unauthenticated user to bypass a FSSO firewall policy and access the protected ... |
| 9.8 | 2021-07-12 | CVE-2021-23389 | cve | The package total.js before 3.4.9 are vulnerable to Arbitrary Code Execution via the U.set() and U.get() functions. |
| 9.8 | 2021-07-12 | CVE-2021-24385 | cve | The Filebird Plugin 4.7.3 introduced a SQL injection vulnerability as it is making SQL queries without escaping user input data from a HTTP post request. This is a major vulnera... |
| 9.8 | 2021-07-12 | CVE-2021-23390 | cve | The package total4 before 0.0.43 are vulnerable to Arbitrary Code Execution via the U.set() and U.get() functions. |
| 9.8 | 2021-07-12 | CVE-2020-18544 | cve | SQL Injection in WMS v1.0 allows remote attackers to execute arbitrary code via the "username" parameter in the component "chkuser.php". |
| Page(s) : 1 ... 738 739 740 741 742 743 744 745 746 747 [748] 749 750 751 752 753 754 755 756 757 758 ... | Result(s) : 43525 |
