| Page(s) : 1 ... 831 832 833 834 835 836 837 838 839 840 [841] 842 843 844 845 846 847 848 849 850 851 ... | Result(s) : 43549 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2020-10-26 | CVE-2020-7124 | cve | A remote unauthorized access vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. |
| 9.8 | 2020-10-26 | CVE-2020-26879 | cve | Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. An unauthenticated attacker can interact with the service API by using a backdoor v... |
| 9.8 | 2020-10-23 | CVE-2020-25466 | cve | A SSRF vulnerability exists in the downloadimage interface of CRMEB 3.0, which can remotely download arbitrary files on the server and remotely execute arbitrary code. |
| 9.8 | 2020-10-23 | CVE-2020-25483 | cve | An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server. |
| 9.1 | 2020-10-22 | CVE-2020-9868 | cve | A certificate validation issue existed when processing administrator added certificates. This issue was addressed with improved certificate validation. This issue is fixed in iO... |
| 9.8 | 2020-10-22 | CVE-2019-17006 | cve | In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a ... |
| 9.1 | 2020-10-22 | CVE-2020-9920 | cve | A path handling issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. A malicious mail server may... |
| 9.1 | 2020-10-22 | CVE-2019-16127 | cve | Atmel Advanced Software Framework (ASF) 4 has an Integer Overflow. |
| 9.8 | 2020-10-22 | CVE-2020-27619 | cve | In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP. |
| 9.8 | 2020-10-22 | CVE-2020-9898 | cve | This issue was addressed with improved entitlements. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A sandboxed process may be able to circumvent sandb... |
| 9.8 | 2020-10-22 | CVE-2020-15683 | cve | Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. Some of these bugs showed evidence of memory corruption and we p... |
| 9.8 | 2020-10-22 | CVE-2020-27664 | cve | admin/src/containers/InputModalStepperProvider/index.js in Strapi before 3.2.5 has unwanted /proxy?url= functionality. |
| 9.8 | 2020-10-22 | CVE-2020-15906 | cve | tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts. |
| 9.8 | 2020-10-22 | CVE-2020-15684 | cve | Mozilla developers reported memory safety bugs present in Firefox 81. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of thes... |
| 9.1 | 2020-10-22 | CVE-2020-9906 | cve | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. A remote attacker... |
| 9.1 | 2020-10-22 | CVE-2020-27195 | cve | HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client file sandbox feature can be subverted using either the template or artifact stanzas. Fixed in 0.12.6, 0.11... |
| 9.1 | 2020-10-21 | CVE-2020-15240 | cve | omniauth-auth0 (rubygems) versions >= 2.3.0 and < 2.4.1 improperly validate the JWT token signature when using the `jwt_validator.verify` method. Improper validation of the JWT ... |
| 9.8 | 2020-10-21 | CVE-2020-27605 | cve | BigBlueButton through 2.2.28 uses Ghostscript for processing of uploaded EPS documents, and consequently may be subject to attacks related to a "schwache Sandbox." |
| 9 | 2020-10-21 | CVE-2020-14883 | cve | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0... |
| 9.8 | 2020-10-21 | CVE-2020-27615 | cve | The Loginizer plugin before 1.6.4 for WordPress allows SQL injection (with resultant XSS), related to loginizer_login_failed and lz_valid_ip. |
| Page(s) : 1 ... 831 832 833 834 835 836 837 838 839 840 [841] 842 843 844 845 846 847 848 849 850 851 ... | Result(s) : 43549 |
