| Page(s) : 1 ... 825 826 827 828 829 830 831 832 833 834 [835] 836 837 838 839 840 841 842 843 844 845 ... | Result(s) : 43543 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 10 | 2020-11-10 | CVE-2020-26824 | cve | SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Upgrade Legacy Port... |
| 9.8 | 2020-11-10 | CVE-2020-13927 | cve | The previous default setting for Airflow's Experimental API was to allow all API requests without authentication, but this poses security risks to users who miss this fact.... |
| 9.8 | 2020-11-10 | CVE-2020-7766 | cve | This affects all versions of package json-ptr. The issue occurs in the set operation (https://flitbit.github.io/json-ptr/classes/_src_pointer_.jsonpointer.htmlset) when the forc... |
| 9.8 | 2020-11-10 | CVE-2020-25074 | cve | The cache action in action/cache.py in MoinMoin through 1.9.10 allows directory traversal through a crafted HTTP request. An attacker who can upload attachments to the wiki can ... |
| 10 | 2020-11-10 | CVE-2020-26822 | cve | SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Outside Discovery C... |
| 10 | 2020-11-10 | CVE-2020-26821 | cve | SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the SVG Converter Servi... |
| 10 | 2020-11-10 | CVE-2020-26823 | cve | SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorization checks in the Upgrade Diagnostics... |
| 9.8 | 2020-11-09 | CVE-2020-14188 | cve | The preprocessArgs function in the Atlassian gajira-create GitHub Action before version 2.0.1 allows remote attackers to execute arbitrary code in the context of a GitHub runner... |
| 9.8 | 2020-11-09 | CVE-2020-26168 | cve | The LDAP authentication method in LdapLoginModule in Hazelcast IMDG Enterprise 4.x before 4.0.3, and Jet Enterprise 4.x through 4.2, doesn't verify properly the password in... |
| 9.8 | 2020-11-09 | CVE-2020-28371 | cve | An issue was discovered in ReadyTalk Avian 1.2.0 before 2020-10-27. The FileOutputStream.write() method in FileOutputStream.java has a boundary check to prevent out-of-bounds me... |
| 9.1 | 2020-11-09 | CVE-2020-15297 | cve | Insufficient validation in the Bitdefender Update Server and BEST Relay components of Bitdefender Endpoint Security Tools versions prior to 6.6.20.294 allows an unprivileged att... |
| 9.8 | 2020-11-09 | CVE-2020-14189 | cve | The execute function in in the Atlassian gajira-comment GitHub Action before version 2.0.2 allows remote attackers to execute arbitrary code in the context of a GitHub runner by... |
| 9.1 | 2020-11-09 | CVE-2020-24407 | cve | Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by an unsafe file upload vulnerability that could result in arbitrary code execution. This vulnerability could be a... |
| 9.8 | 2020-11-09 | CVE-2020-26542 | cve | An issue was discovered in the MongoDB Simple LDAP plugin through 2020-10-02 for Percona Server when using the SimpleLDAP authentication in conjunction with Microsoft’s Active D... |
| 9.8 | 2020-11-09 | CVE-2020-23138 | cve | An unrestricted file upload vulnerability was discovered in the Microweber 1.1.18 admin account page. An attacker can upload PHP code or any extension (eg- .exe) to the web serv... |
| 9.8 | 2020-11-08 | CVE-2020-28347 | cve | tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows remote attackers to execute arbitrary code via the slave_mac parameter. NOTE: this issue exists because of an ... |
| 9.8 | 2020-11-08 | CVE-2020-28340 | cve | An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Attackers can bypass Factory Reset Protection (FRP) via Secure Folder. The ... |
| 9.8 | 2020-11-06 | CVE-2020-26214 | cve | In Alerta before version 8.1.0, users may be able to bypass LDAP authentication if they provide an empty password when Alerta server is configure to use LDAP as the authorizatio... |
| 9.8 | 2020-11-06 | CVE-2020-25172 | cve | A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows unauthenticated attackers to upload or download arbitrary files. |
| 9.8 | 2020-11-06 | CVE-2020-3284 | cve | A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsig... |
| Page(s) : 1 ... 825 826 827 828 829 830 831 832 833 834 [835] 836 837 838 839 840 841 842 843 844 845 ... | Result(s) : 43543 |
