| Page(s) : 1 ... 751 752 753 754 755 756 757 758 759 760 [761] 762 763 764 765 766 767 768 769 770 771 ... | Result(s) : 43529 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2021-06-01 | CVE-2021-30181 | cve | Apache Dubbo prior to 2.6.9 and 2.7.9 supports Script routing which will enable a customer to route the request to the right server. These rules are used by the customers when m... |
| 9.1 | 2021-06-01 | CVE-2021-33181 | cve | Server-Side Request Forgery (SSRF) vulnerability in webapi component in Synology Video Station before 2.4.10-1632 allows remote authenticated users to send arbitrary request to ... |
| 9.8 | 2021-06-01 | CVE-2021-30179 | cve | Apache Dubbo prior to 2.6.9 and 2.7.9 by default supports generic calls to arbitrary methods exposed by provider interfaces. These invocations are handled by the GenericFilter w... |
| 9.8 | 2021-06-01 | CVE-2021-33180 | cve | Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in cgi component in Synology Media Server before 1.8.1-2876 allows r... |
| 9.8 | 2021-05-31 | CVE-2021-33790 | cve | The RebornCore library before 4.7.3 allows remote code execution because it deserializes untrusted data in ObjectInputStream.readObject as part of reborncore.common.network.Exte... |
| 9.8 | 2021-05-31 | CVE-2020-10666 | cve | The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXact 13, 14, and 15 through 15.0.19.2 allows remote code execution via a URL variable to an AMI command. |
| 9.8 | 2021-05-29 | CVE-2021-31703 | cve | Frontier ichris through 5.18 allows users to upload malicious executable files that might later be downloaded and run by any client user. |
| 9.8 | 2021-05-29 | CVE-2021-33564 | cve | An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitrary files via a crafted URL when the verify_url... |
| 9.8 | 2021-05-29 | CVE-2021-30461 | cve | A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value (which might contain PH... |
| 9.8 | 2021-05-28 | CVE-2021-22519 | cve | Execute arbitrary code vulnerability in Micro Focus SiteScope product, affecting versions 11.40,11.41 , 2018.05(11.50), 2018.08(11.51), 2018.11(11.60), 2019.02(11.70), 2019.05(1... |
| 10 | 2021-05-28 | CVE-2021-32637 | cve | Authelia is a a single sign-on multi-factor portal for web apps. This affects uses who are using nginx ngx_http_auth_request_module with Authelia, it allows a malicious individu... |
| 9.8 | 2021-05-28 | CVE-2021-32619 | cve | Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. In Deno versions 1.5.0 to 1.10.1, modules that are dynamically imported through `import()` or ... |
| 9.8 | 2021-05-28 | CVE-2021-20236 | cve | A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subsc... |
| 9.6 | 2021-05-28 | CVE-2021-20195 | cve | A flaw was found in keycloak in versions before 13.0.0. A Self Stored XSS attack vector escalating to a complete account takeover is possible due to user-supplied data fields no... |
| 9.4 | 2021-05-28 | CVE-2021-32642 | cve | radsecproxy is a generic RADIUS proxy that supports both UDP and TLS (RadSec) RADIUS transports. Missing input validation in radsecproxy's `naptr-eduroam.sh` and `radsec-dy... |
| 9.8 | 2021-05-28 | CVE-2020-27847 | cve | A vulnerability exists in the SAML connector of the github.com/dexidp/dex library used to process SAML Signature Validation. This flaw allows an attacker to bypass SAML authenti... |
| 9.8 | 2021-05-28 | CVE-2020-15782 | cve | A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versi... |
| 9 | 2021-05-27 | CVE-2020-15180 | cve | A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacke... |
| 9.8 | 2021-05-27 | CVE-2021-27852 | cve | Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code. This issue affects: Ch... |
| 9.1 | 2021-05-27 | CVE-2020-12403 | cve | A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was ... |
| Page(s) : 1 ... 751 752 753 754 755 756 757 758 759 760 [761] 762 763 764 765 766 767 768 769 770 771 ... | Result(s) : 43529 |
