| Page(s) : 1 ... 760 761 762 763 764 765 766 767 768 769 [770] 771 772 773 774 775 776 777 778 779 780 ... | Result(s) : 43529 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 10 | 2021-05-05 | CVE-2016-20010 | cve | EWWW Image Optimizer before 2.8.5 allows remote command execution because it relies on a protection mechanism involving boolval, which is unavailable before PHP 5.5. |
| 9.8 | 2021-05-05 | CVE-2020-13665 | cve | Access bypass vulnerability in Drupal Core allows JSON:API when JSON:API is in read/write mode. Only sites that have the read_only set to FALSE under jsonapi.settings config are... |
| 9.8 | 2021-05-04 | CVE-2021-23383 | cve | The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source. |
| 9.1 | 2021-05-03 | CVE-2021-28860 | cve | In Node.js mixme, prior to v0.5.1, an attacker can add or alter properties of an object via '__proto__' through the mutate() and merge() functions. The polluted attrib... |
| 9.8 | 2021-05-03 | CVE-2020-35757 | cve | An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is Unauthenticated Root ADB Access Over TCP. The LS9 web interface provides functionality to access ADB ... |
| 9.8 | 2021-05-03 | CVE-2020-35758 | cve | An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a Authentication Bypass in the Web Interface. This interface does not properly restrict access to int... |
| 9.8 | 2021-05-03 | CVE-2021-32020 | cve | The kernel in Amazon Web Services FreeRTOS before 10.4.3 has insufficient bounds checking during management of heap memory. |
| 9.8 | 2021-05-03 | CVE-2020-23083 | cve | Unrestricted File Upload in JEECG v4.0 and earlier allows remote attackers to execute arbitrary code or gain privileges by uploading a crafted file to the component "jeecgFormDe... |
| 9.8 | 2021-05-03 | CVE-2021-29369 | cve | The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands. |
| 9.8 | 2021-04-30 | CVE-2021-21507 | cve | Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and Dell EMC PowerEdge VRTX Switch Module firmware versions prior to 2.0.0.82 contain a Weak Password Encryption ... |
| 9.8 | 2021-04-30 | CVE-2021-31872 | cve | An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may result in a buffer overflow or other security impact. |
| 9.8 | 2021-04-30 | CVE-2021-28959 | cve | Zoho ManageEngine Eventlog Analyzer through 12147 is vulnerable to unauthenticated directory traversal via an entry in a ZIP archive. This leads to remote code execution. |
| 9.8 | 2021-04-30 | CVE-2020-15153 | cve | Ampache before version 4.2.2 allows unauthenticated users to perform SQL injection. Refer to the referenced GitHub Security Advisory for details and a workaround. This is fixed ... |
| 9.8 | 2021-04-30 | CVE-2021-31870 | cve | An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow. |
| 9.1 | 2021-04-30 | CVE-2020-18070 | cve | Path Traversal in iCMS v7.0.13 allows remote attackers to delete folders by injecting commands into a crafted HTTP request to the "do_del()" method of the component "database.ad... |
| 9.8 | 2021-04-30 | CVE-2020-24918 | cve | A buffer overflow in the RTSP service of the Ambarella Oryx RTSP Server 2020-01-07 allows an unauthenticated attacker to send a crafted RTSP request, with a long digest authenti... |
| 9.8 | 2021-04-30 | CVE-2021-31873 | cve | An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer overflow. |
| 9.1 | 2021-04-30 | CVE-2020-4039 | cve | SUSI.AI is an intelligent Open Source personal assistant. SUSI.AI Server before version d27ed0f has a directory traversal vulnerability due to insufficient input validation. Any... |
| 9.8 | 2021-04-29 | CVE-2021-21388 | cve | systeminformation is an open source system and OS information library for node.js. A command injection vulnerability has been discovered in versions of systeminformation prior t... |
| 9.8 | 2021-04-29 | CVE-2020-22807 | cve | An issue was dicovered in vtiger crm 7.2. Union sql injection in the calendar exportdata feature. |
| Page(s) : 1 ... 760 761 762 763 764 765 766 767 768 769 [770] 771 772 773 774 775 776 777 778 779 780 ... | Result(s) : 43529 |
