| Page(s) : 1 ... 752 753 754 755 756 757 758 759 760 761 [762] 763 764 765 766 767 768 769 770 771 772 ... | Result(s) : 43529 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2021-05-27 | CVE-2021-31535 | cve | LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side ... |
| 9.8 | 2021-05-27 | CVE-2021-27852 | cve | Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code. This issue affects: Ch... |
| 9.8 | 2021-05-27 | CVE-2021-22911 | cve | A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE. |
| 9 | 2021-05-27 | CVE-2020-15180 | cve | A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacke... |
| 9.8 | 2021-05-27 | CVE-2021-22891 | cve | A missing authorization vulnerability exists in Citrix ShareFile Storage Zones Controller before 5.7.3, 5.8.3, 5.9.3, 5.10.1 and 5.11.18 may allow unauthenticated remote comprom... |
| 9.8 | 2021-05-26 | CVE-2019-25029 | cve | In Versa Director, the command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command inj... |
| 9.8 | 2021-05-26 | CVE-2021-21986 | cve | The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware ... |
| 9.8 | 2021-05-26 | CVE-2021-22731 | cve | Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized pass... |
| 9.8 | 2021-05-26 | CVE-2021-21985 | cve | The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in ... |
| 9.1 | 2021-05-26 | CVE-2018-10867 | cve | Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by the apached user. |
| 9.8 | 2021-05-26 | CVE-2021-33470 | cve | COVID19 Testing Management System 1.0 is vulnerable to SQL Injection via the admin panel. |
| 9.8 | 2021-05-26 | CVE-2021-25945 | cve | Prototype pollution vulnerability in 'js-extend' versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution. |
| 9.1 | 2021-05-26 | CVE-2021-20487 | cve | IBM Power9 Self Boot Engine(SBE) could allow a privileged user to inject malicious code and compromise the integrity of the host firmware bypassing the host firmware signature v... |
| 9.8 | 2021-05-26 | CVE-2021-22737 | cve | Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access of when credentials are ... |
| 9.8 | 2021-05-26 | CVE-2021-22738 | cve | Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access when credent... |
| 9.1 | 2021-05-26 | CVE-2018-10866 | cve | It was discovered that the /configuration view of redhat-certification 7 does not perform an authorization check and it allows an unauthenticated user to remove a "system" file,... |
| 9.8 | 2021-05-26 | CVE-2021-22160 | cve | If Apache Pulsar is configured to authenticate clients using tokens based on JSON Web Tokens (JWT), the signature of the token is not validated if the algorithm of the presented... |
| 9.8 | 2021-05-25 | CVE-2021-33575 | cve | The Pixar ruby-jss gem before 1.6.0 allows remote attackers to execute arbitrary code because of the Plist gem's documented behavior of using Marshal.load during XML docume... |
| 9.8 | 2021-05-25 | CVE-2021-25944 | cve | Prototype pollution vulnerability in 'deep-defaults' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution. |
| 9.8 | 2021-05-25 | CVE-2021-33574 | cve | The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its str... |
| Page(s) : 1 ... 752 753 754 755 756 757 758 759 760 761 [762] 763 764 765 766 767 768 769 770 771 772 ... | Result(s) : 43529 |
