| Page(s) : 1 ... 838 839 840 841 842 843 844 845 846 847 [848] 849 850 851 852 853 854 855 856 857 858 ... | Result(s) : 43549 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2020-10-02 | CVE-2020-26537 | cve | An issue was discovered in Foxit Reader and PhantomPDF before 10.1. In a certain Shading calculation, the number of outputs is unequal to the number of color components in a col... |
| 9.8 | 2020-10-02 | CVE-2020-12124 | cve | A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux comma... |
| 9.8 | 2020-10-02 | CVE-2020-7737 | cve | All versions of package safetydance are vulnerable to Prototype Pollution via the set function. |
| 9.8 | 2020-10-02 | CVE-2020-7736 | cve | The package bmoor before 0.8.12 are vulnerable to Prototype Pollution via the set function. |
| 9.8 | 2020-10-02 | CVE-2020-24698 | cve | An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-f... |
| 9.8 | 2020-10-02 | CVE-2020-12125 | cve | A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary machine instruc... |
| 9.8 | 2020-10-02 | CVE-2020-26518 | cve | Artica Pandora FMS before 743 allows unauthenticated attackers to conduct SQL injection attacks via the pandora_console/include/chart_generator.php session_id parameter. |
| 9.8 | 2020-10-02 | CVE-2020-26539 | cve | An issue was discovered in Foxit Reader and PhantomPDF before 10.1. When there is a multiple interpretation error for /V (in the Additional Action and Field dictionaries), a use... |
| 9.1 | 2020-10-02 | CVE-2020-18190 | cve | Bludit v3.8.1 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /admin/ajax/upload-profile-picture. |
| 9.8 | 2020-10-02 | CVE-2020-26535 | cve | An issue was discovered in Foxit Reader and PhantomPDF before 10.1. If TslAlloc attempts to allocate thread local storage but obtains an unacceptable index value, V8 throws an e... |
| 9.8 | 2020-10-02 | CVE-2020-26534 | cve | An issue was discovered in Foxit Reader and PhantomPDF before 10.1. There is an Opt object use-after-free related to Field::ClearItems and Field::DeleteOptions, during AcroForm ... |
| 9.1 | 2020-10-02 | CVE-2020-18191 | cve | GetSimpleCMS-3.3.15 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /GetSimpleCMS-3.3.15/admin/log.php |
| 9.1 | 2020-10-02 | CVE-2020-12676 | cve | FusionAuth fusionauth-samlv2 0.2.3 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature excl... |
| 9.1 | 2020-10-02 | CVE-2020-15232 | cve | In mapfish-print before version 3.24, a user can do to an XML External Entity (XXE) attack with the provided SDL style. |
| 9.1 | 2020-10-02 | CVE-2020-26525 | cve | Damstra Smart Asset 2020.7 has SQL injection via the API/api/Asset originator parameter. This allows forcing the database and server to initiate remote connections to third part... |
| 9.8 | 2020-10-02 | CVE-2020-26527 | cve | An issue was discovered in API/api/Version in Damstra Smart Asset 2020.7. Cross-origin resource sharing trusts random origins by accepting the arbitrary 'Origin: example.co... |
| 9.8 | 2020-10-02 | CVE-2020-18185 | cve | class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrary PHP code by modify the configuration file in a linux environment. |
| 9.8 | 2020-10-02 | CVE-2020-12126 | cve | Multiple authentication bypass vulnerabilities in the /cgi-bin/ endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to leak router settings, change configuratio... |
| 9.8 | 2020-10-01 | CVE-2020-15227 | cve | Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 are vulnerable to an code injection attack by passing specially formed parameters to URL that may possibly le... |
| 9.8 | 2020-10-01 | CVE-2020-15533 | cve | In Zoho ManageEngine Application Manager 14.7 Build 14730 (before 14684, and between 14689 and 14750), the AlarmEscalation module is vulnerable to unauthenticated SQL Injection ... |
| Page(s) : 1 ... 838 839 840 841 842 843 844 845 846 847 [848] 849 850 851 852 853 854 855 856 857 858 ... | Result(s) : 43549 |
