| Page(s) : 1 ... 766 767 768 769 770 771 772 773 774 775 [776] 777 778 779 780 781 782 783 784 785 786 ... | Result(s) : 43529 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2021-04-16 | CVE-2021-31414 | cve | The unofficial vscode-rpm-spec extension before 0.3.2 for Visual Studio Code allows remote code execution via a crafted workspace configuration. |
| 9.8 | 2021-04-15 | CVE-2021-27850 | cve | A critical unauthenticated remote code execution vulnerability was found all recent versions of Apache Tapestry. The affected versions include 5.4.5, 5.5.0, 5.6.2 and 5.7.0. The... |
| 9.8 | 2021-04-15 | CVE-2021-27112 | cve | LightCMS v1.3.5 contains a remote code execution vulnerability in /app/Http/Controllers/Admin/NEditorController.php during the downloading of external images. |
| 9.8 | 2021-04-15 | CVE-2020-27237 | cve | An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The code parameter in the The nomenclature parameter in the getAssets.jsp pag... |
| 9.8 | 2021-04-15 | CVE-2020-27238 | cve | An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The code parameter in the getAssets.jsp page is vulnerable to unauthenticated... |
| 9.8 | 2021-04-15 | CVE-2020-27239 | cve | An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The assetStatus parameter in the getAssets.jsp page is vulnerable to unauthen... |
| 9.8 | 2021-04-15 | CVE-2020-28592 | cve | A heap-based buffer overflow vulnerability exists in the configuration server functionality of the Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON obje... |
| 9.8 | 2021-04-14 | CVE-2021-27706 | cve | Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"IPMacBindIndex "req... |
| 9.8 | 2021-04-14 | CVE-2021-27707 | cve | Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"portMappingIndex "request. ... |
| 9.8 | 2021-04-14 | CVE-2021-27130 | cve | Online Reviewer System 1.0 contains a SQL injection vulnerability through authentication bypass, which may lead to a reverse shell upload. |
| 9.8 | 2021-04-14 | CVE-2021-27258 | cve | This vulnerability allows remote attackers to execute escalate privileges on affected installations of SolarWinds Orion Platform 2020.2. Authentication is not required to exploi... |
| 9.8 | 2021-04-14 | CVE-2021-27710 | cve | Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows remote attackers to execu... |
| 9.8 | 2021-04-14 | CVE-2020-19778 | cve | Incorrect Access Control in Shopxo v1.4.0 and v1.5.0 allows remote attackers to gain privileges in "/index.php" by manipulating the parameter "user_id" in the HTML request. |
| 9.8 | 2021-04-14 | CVE-2021-27114 | cve | An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/addassignment route, a very long text entry for the"'s_ip" and "s_... |
| 9.8 | 2021-04-14 | CVE-2021-27113 | cve | An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/addRou... |
| 9.8 | 2021-04-14 | CVE-2021-27705 | cve | Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"qosIndex "request. This occ... |
| 9.8 | 2021-04-14 | CVE-2020-29592 | cve | An issue was discovered in Orchard before 1.10. A broken access control issue in Orchard components that use the TinyMCE HTML editor's file upload allows an attacker to upl... |
| 9.8 | 2021-04-14 | CVE-2021-28300 | cve | NULL Pointer Dereference in the "isomedia/track.c" module's "MergeTrack()" function of GPAC v0.5.2 allows attackers to execute arbitrary code or cause a Denial-of-Service (... |
| 9.8 | 2021-04-14 | CVE-2021-27708 | cve | Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows remote attackers to execu... |
| 9.8 | 2021-04-14 | CVE-2021-30459 | cve | A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute SQL statements by chang... |
| Page(s) : 1 ... 766 767 768 769 770 771 772 773 774 775 [776] 777 778 779 780 781 782 783 784 785 786 ... | Result(s) : 43529 |
