Page(s) : 1 ... 775 776 777 778 779 780 781 782 783 784 [785] 786 787 788 789 790 791 792 793 794 795 ... | Result(s) : 43529 |
Alerts
SCORE | DATE | NAME | CATEGORIES | DETAIL |
---|---|---|---|---|
9.8 | 2021-03-23 | CVE-2021-21344 | cve | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and ex... |
9.1 | 2021-03-23 | CVE-2021-21342 | cve | XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time... |
9.6 | 2021-03-23 | CVE-2021-29079 | cve | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12,... |
9.6 | 2021-03-23 | CVE-2021-29078 | cve | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12,... |
9 | 2021-03-23 | CVE-2021-29071 | cve | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR85... |
9.6 | 2021-03-23 | CVE-2021-29065 | cve | NETGEAR RBR850 devices before 3.2.10.11 are affected by authentication bypass. |
9.8 | 2021-03-23 | CVE-2020-28503 | cve | The package copy-props before 2.0.5 is vulnerable to Prototype Pollution via the main functionality. |
9.6 | 2021-03-23 | CVE-2021-29076 | cve | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12,... |
9.8 | 2021-03-22 | CVE-2021-26295 | cve | Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated attacker can use this vulnerability to successfully take over Apache OFBiz. |
9.8 | 2021-03-22 | CVE-2021-28955 | cve | git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations (most often seen on Windows). |
9.8 | 2021-03-21 | CVE-2020-13963 | cve | SOPlanning before 1.47 has Incorrect Access Control because certain secret key information, and the related authentication algorithm, is public. The key for admin is hardcoded i... |
9.8 | 2021-03-19 | CVE-2021-26275 | cve | The eslint-fixer package through 0.1.5 for Node.js allows command injection via shell metacharacters to the fix function. NOTE: This vulnerability only affects products that are... |
9.8 | 2021-03-19 | CVE-2021-28834 | cve | Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated. |
9.8 | 2021-03-19 | CVE-2021-25289 | cve | An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with Li... |
9.1 | 2021-03-19 | CVE-2021-26990 | cve | Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability that could allow a remote attacker to overwrite arbitrary system files. |
9.8 | 2021-03-19 | CVE-2020-6577 | cve | The IT-Recht Kanzlei plugin in Zen Cart 1.5.6c (German edition) allows itrk-api.php rechtstext_language SQL Injection. |
9.8 | 2021-03-19 | CVE-2019-10196 | cve | A flaw was found in http-proxy-agent, prior to version 2.1.0. It was discovered http-proxy-agent passes an auth option to the Buffer constructor without proper sanitization. Thi... |
9.8 | 2021-03-18 | CVE-2021-28794 | cve | The unofficial ShellCheck extension before 0.13.4 for Visual Studio Code mishandles shellcheck.executablePath. |
10 | 2021-03-18 | CVE-2020-14516 | cve | In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Se... |
9.8 | 2021-03-18 | CVE-2021-22848 | cve | HGiga MailSherlock contains a SQL Injection. Remote attackers can inject SQL syntax and execute SQL commands in a URL parameter of email pages without privilege. |