| Page(s) : 1 ... 780 781 782 783 784 785 786 787 788 789 [790] 791 792 793 794 795 796 797 798 799 800 ... | Result(s) : 43532 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2021-03-05 | CVE-2021-28032 | cve | An issue was discovered in the nano_arena crate before 0.5.2 for Rust. There is an aliasing violation in split_at because two mutable references can exist for the same element, ... |
| 9.8 | 2021-03-05 | CVE-2021-28028 | cve | An issue was discovered in the toodee crate before 0.3.0 for Rust. Row insertion can cause a double free upon an iterator panic. |
| 9.8 | 2021-03-05 | CVE-2021-28034 | cve | An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a double free can occur upon a val.clone() panic. |
| 9.8 | 2021-03-05 | CVE-2021-28033 | cve | An issue was discovered in the byte_struct crate before 0.6.1 for Rust. There can be a drop of uninitialized memory if a certain deserialization method panics. |
| 9.8 | 2021-03-05 | CVE-2021-28031 | cve | An issue was discovered in the scratchpad crate before 1.3.1 for Rust. The move_elements function can have a double-free upon a panic in a user-provided f function. |
| 9.1 | 2021-03-05 | CVE-2021-26705 | cve | An issue was discovered in SquareBox CatDV Server through 9.2. An attacker can invoke sensitive RMI methods such as getConnections without authentication, the results of which c... |
| 9.8 | 2021-03-05 | CVE-2021-28035 | cve | An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a drop of uninitialized memory can occur upon a val.clone() panic. |
| 9.8 | 2021-03-04 | CVE-2020-35636 | cve | A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->volume() OOB... |
| 9.1 | 2021-03-04 | CVE-2021-23127 | cve | An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of an insufficient length for the 2FA secret accoring to RFC 4226 of 10 bytes vs 20 bytes. |
| 9.8 | 2021-03-04 | CVE-2020-35628 | cve | A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_pars... |
| 9.1 | 2021-03-04 | CVE-2021-23128 | cve | An issue was discovered in Joomla! 3.2.0 through 3.9.24. The core shipped but unused randval implementation within FOF (FOFEncryptRandval) used an potential insecure implemetati... |
| 9.8 | 2021-03-04 | CVE-2021-23344 | cve | The package total.js before 3.4.8 are vulnerable to Remote Code Execution (RCE) via set. |
| 9.8 | 2021-03-04 | CVE-2021-25346 | cve | A possible arbitrary memory overwrite vulnerabilities in quram library version prior to SMR Jan-2021 Release 1 allow arbitrary code execution. |
| 9.8 | 2021-03-04 | CVE-2020-8298 | cve | fs-path node module before 0.0.25 is vulnerable to command injection by way of user-supplied inputs via the `copy`, `copySync`, `remove`, and `removeSync` methods. |
| 9.8 | 2021-03-04 | CVE-2020-28601 | cve | A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser:... |
| 9.8 | 2021-03-04 | CVE-2021-26293 | cve | An issue was discovered in AfterLogic Aurora through 8.5.3 and WebMail Pro through 8.5.3, when DAV is enabled. They allow directory traversal to create new files (such as an exe... |
| 9.8 | 2021-03-04 | CVE-2020-28636 | cve | A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_pars... |
| 9.8 | 2021-03-04 | CVE-2020-24914 | cve | A PHP object injection bug in profile.php in qcubed (all versions including 3.1.1) unserializes the untrusted data of the POST-variable "strProfileData" and allows an unauthenti... |
| 9.8 | 2021-03-04 | CVE-2020-24913 | cve | A SQL injection vulnerability in qcubed (all versions including 3.1.1) in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by inj... |
| 9.1 | 2021-03-03 | CVE-2021-27931 | cve | LumisXP (aka Lumis Experience Platform) before 10.0.0 allows unauthenticated blind XXE via an API request to PageControllerXml.jsp. One can send a request crafted with an XXE pa... |
| Page(s) : 1 ... 780 781 782 783 784 785 786 787 788 789 [790] 791 792 793 794 795 796 797 798 799 800 ... | Result(s) : 43532 |
