| Page(s) : 1 ... 765 766 767 768 769 770 771 772 773 774 [775] 776 777 778 779 780 781 782 783 784 785 ... | Result(s) : 43529 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2021-04-20 | CVE-2020-35313 | cve | A server-side request forgery (SSRF) vulnerability in the addCustomThemePluginRepository function in index.php in WonderCMS 3.1.3 allows remote attackers to execute arbitrary co... |
| 10 | 2021-04-20 | VU#213092 | VU-CERT | Pulse Connect Secure contains a use-after-free vulnerability |
| 9.8 | 2021-04-20 | CVE-2021-29462 | cve | The Portable SDK for UPnP Devices is an SDK for development of UPnP device and control point applications. The server part of pupnp (libupnp) appears to be vulnerable to DNS reb... |
| 9.1 | 2021-04-20 | CVE-2020-26197 | cve | Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2 vulnerability. It may make it easier to eavesdrop and decrypt such traffic for a ... |
| 9.8 | 2021-04-20 | CVE-2020-35314 | cve | A remote code execution vulnerability in the installUpdateThemePluginAction function in index.php in WonderCMS 3.1.3, allows remote attackers to upload a custom plugin which can... |
| 9.8 | 2021-04-19 | CVE-2020-27241 | cve | An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The serialnumber parameter in the getAssets.jsp page is vulnerable to unauthe... |
| 9.8 | 2021-04-19 | CVE-2020-27240 | cve | An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The componentStatus parameter in the getAssets.jsp page is vulnerable to unau... |
| 9.8 | 2021-04-18 | CVE-2021-23381 | cve | This affects all versions of package killing. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the... |
| 9.8 | 2021-04-18 | CVE-2021-23379 | cve | This affects all versions of package portkiller. If (attacker-controlled) user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use o... |
| 9.8 | 2021-04-18 | CVE-2021-23376 | cve | This affects all versions of package ffmpegdotjs. If attacker-controlled user input is given to the trimvideo function, it is possible for an attacker to execute arbitrary comma... |
| 9.8 | 2021-04-18 | CVE-2021-23374 | cve | This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. T... |
| 9.8 | 2021-04-18 | CVE-2021-23375 | cve | This affects all versions of package psnode. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This ... |
| 9.8 | 2021-04-18 | CVE-2021-23378 | cve | This affects all versions of package picotts. If attacker-controlled user input is given to the say function, it is possible for an attacker to execute arbitrary commands. This ... |
| 9.8 | 2021-04-18 | CVE-2021-23377 | cve | This affects all versions of package onion-oled-js. If attacker-controlled user input is given to the scroll function, it is possible for an attacker to execute arbitrary comman... |
| 9.8 | 2021-04-17 | CVE-2020-36195 | cve | An SQL injection vulnerability has been reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on. If exploited, the vulnerability allows remote attac... |
| 9.8 | 2021-04-17 | CVE-2020-2509 | cve | A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised... |
| 9.1 | 2021-04-16 | CVE-2021-26830 | cve | SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin. This is accomplished via the `ID` input field of ajax.p... |
| 9.8 | 2021-04-16 | CVE-2021-31414 | cve | The unofficial vscode-rpm-spec extension before 0.3.2 for Visual Studio Code allows remote code execution via a crafted workspace configuration. |
| 9.8 | 2021-04-16 | CVE-2021-27692 | cve | Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a c... |
| 9.1 | 2021-04-16 | CVE-2021-29451 | cve | Portofino is an open source web development framework. Portofino before version 5.2.1 did not properly verify the signature of JSON Web Tokens. This allows forging a valid JWT. ... |
| Page(s) : 1 ... 765 766 767 768 769 770 771 772 773 774 [775] 776 777 778 779 780 781 782 783 784 785 ... | Result(s) : 43529 |
