| Page(s) : 1 ... 779 780 781 782 783 784 785 786 787 788 [789] 790 791 792 793 794 795 796 797 798 799 ... | Result(s) : 43529 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2021-03-10 | CVE-2020-1916 | cve | An incorrect size calculation in ldap_escape may lead to an integer overflow when overly long input is passed in, resulting in an out-of-bounds write. This issue affects HHVM pr... |
| 9.8 | 2021-03-10 | CVE-2021-28122 | cve | A request-validation issue was discovered in Open5GS 2.1.3 through 2.2.x before 2.2.1. The WebUI component allows an unauthenticated user to use a crafted HTTP API request to cr... |
| 9.8 | 2021-03-09 | CVE-2021-21484 | cve | LDAP authentication in SAP HANA Database version 2.0 can be bypassed if the attached LDAP directory server is configured to enable unauthenticated bind. |
| 9.8 | 2021-03-09 | CVE-2021-23352 | cve | This affects the package madge before 4.0.1. It is possible to specify a custom Graphviz path via the graphVizPath option parameter which when the .image(), .svg() or .dot() fun... |
| 9.8 | 2021-03-09 | CVE-2021-25915 | cve | Prototype pollution vulnerability in 'changeset' versions 0.0.1 through 0.2.5 allows an attacker to cause a denial of service and may lead to remote code execution. |
| 9.8 | 2021-03-09 | CVE-2021-28119 | cve | Twinkle Tray (aka twinkle-tray) through 1.13.3 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interf... |
| 9.8 | 2021-03-08 | CVE-2021-21329 | cve | RATCF is an open-source framework for hosting Cyber-Security Capture the Flag events. In affected versions of RATCF users with multi factor authentication enabled are able to lo... |
| 9.8 | 2021-03-08 | CVE-2021-21335 | cve | In the SPNEGO HTTP Authentication Module for nginx (spnego-http-auth-nginx-module) before version 1.1.1 basic Authentication can be bypassed using a malformed username. This aff... |
| 9.8 | 2021-03-05 | CVE-2021-27964 | cve | SonLogger before 6.4.1 is affected by Unauthenticated Arbitrary File Upload. An attacker can send a POST request to /Config/SaveUploadedHotspotLogoFile without any authenticatio... |
| 9.8 | 2021-03-05 | CVE-2021-27965 | cve | The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x8010... |
| 9.8 | 2021-03-05 | CVE-2021-28027 | cve | An issue was discovered in the bam crate before 0.1.3 for Rust. There is an integer underflow and out-of-bounds write during the loading of a bgzip block. |
| 9.8 | 2021-03-05 | CVE-2021-3420 | cve | A flaw was found in newlib in versions prior to 4.0.0. Improper overflow validation in the memory allocation functions mEMALIGn, pvALLOc, nano_memalign, nano_valloc, nano_pvallo... |
| 9.8 | 2021-03-05 | CVE-2021-28028 | cve | An issue was discovered in the toodee crate before 0.3.0 for Rust. Row insertion can cause a double free upon an iterator panic. |
| 9.8 | 2021-03-05 | CVE-2021-28031 | cve | An issue was discovered in the scratchpad crate before 1.3.1 for Rust. The move_elements function can have a double-free upon a panic in a user-provided f function. |
| 9.8 | 2021-03-05 | CVE-2021-28037 | cve | An issue was discovered in the internment crate before 0.4.2 for Rust. There is a data race that can cause memory corruption because of the unconditional implementation of Sync ... |
| 9.8 | 2021-03-05 | CVE-2021-28032 | cve | An issue was discovered in the nano_arena crate before 0.5.2 for Rust. There is an aliasing violation in split_at because two mutable references can exist for the same element, ... |
| 9.8 | 2021-03-05 | CVE-2021-28033 | cve | An issue was discovered in the byte_struct crate before 0.6.1 for Rust. There can be a drop of uninitialized memory if a certain deserialization method panics. |
| 9.8 | 2021-03-05 | CVE-2021-28034 | cve | An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a double free can occur upon a val.clone() panic. |
| 9.8 | 2021-03-05 | CVE-2021-28035 | cve | An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a drop of uninitialized memory can occur upon a val.clone() panic. |
| 9.1 | 2021-03-05 | CVE-2020-28050 | cve | Zoho ManageEngine Desktop Central before build 10.0.647 allows a single authentication secret from multiple agents to communicate with the server. |
| Page(s) : 1 ... 779 780 781 782 783 784 785 786 787 788 [789] 790 791 792 793 794 795 796 797 798 799 ... | Result(s) : 43529 |
