| Page(s) : 1 ... 843 844 845 846 847 848 849 850 851 852 [853] 854 855 856 857 858 859 860 861 862 863 ... | Result(s) : 43549 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2020-09-17 | CVE-2020-25216 | cve | yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet. |
| 9.8 | 2020-09-17 | CVE-2020-11698 | cve | An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp-x.php would allow a remote attacker to inject commands i... |
| 10 | 2020-09-16 | VU#490028 | VU-CERT | Microsoft Windows Netlogon Remote Protocol (MS-NRPC) uses insecure AES-CFB8 initialization vector |
| 9.8 | 2020-09-16 | CVE-2020-14315 | cve | A memory corruption vulnerability is present in bspatch as shipped in Colin Percival’s bsdiff tools version 4.3. Insufficient checks when handling external inputs allows an atta... |
| 9.8 | 2020-09-16 | CVE-2020-25412 | cve | com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy() that may lead to arbitrary code execution. |
| 9.8 | 2020-09-16 | CVE-2020-25614 | cve | xmlquery before 1.3.1 lacks a check for whether a LoadURL response is in the XML format, which allows attackers to cause a denial of service (SIGSEGV) at xmlquery.(*Node).InnerT... |
| 9.8 | 2020-09-16 | CVE-2020-14509 | cve | Multiple memory corruption vulnerabilities exist in CodeMeter (All versions prior to 7.10) where the packet parser mechanism does not verify length fields. An attacker could sen... |
| 9.8 | 2020-09-16 | CVE-2020-14517 | cve | Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected, including Version 6.90 or newer only if CodeMeter Runtime is running as server) ... |
| 9.6 | 2020-09-16 | CVE-2020-24374 | cve | A DNS rebinding vulnerability in Freebox v5 before 1.5.29. |
| 9.6 | 2020-09-16 | CVE-2020-24377 | cve | A DNS rebinding vulnerability in the Freebox OS web interface in Freebox Server before 4.2.3. |
| 9.6 | 2020-09-16 | CVE-2020-24376 | cve | A DNS rebinding vulnerability in the UPnP IGD implementations in Freebox v5 before 1.5.29 and Freebox Server before 4.2.3. |
| 9.8 | 2020-09-15 | CVE-2020-23828 | cve | A File Upload vulnerability in SourceCodester Online Course Registration v1.0 allows remote attackers to achieve Remote Code Execution (RCE) on the hosting webserver by uploadin... |
| 9.1 | 2020-09-15 | CVE-2020-24561 | cve | A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system. An attacker must first obta... |
| 9.3 | 2020-09-15 | CVE-2020-15178 | cve | In PrestaShop contactform module (prestashop/contactform) before version 4.3.0, an attacker is able to inject JavaScript while using the contact form. The `message` field was in... |
| 9.8 | 2020-09-15 | CVE-2020-23512 | cve | VR CAM P1 Model P1 v1 has an incorrect access control vulnerability where an attacker can obtain complete access of the device from web (remote) without authentication. |
| 9.8 | 2020-09-15 | CVE-2020-23833 | cve | Projectworlds House Rental v1.0 suffers from an unauthenticated SQL Injection vulnerability, allowing remote attackers to execute arbitrary code on the hosting webserver via a m... |
| 9 | 2020-09-15 | CVE-2020-15179 | cve | The ScratchSig extension for MediaWiki before version 1.0.1 allows stored Cross-Site Scripting. Using tag inside tag, attackers with edit permission can execute scripts on vis... |
| 10 | 2020-09-15 | CVE-2020-15148 | cve | Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input. This is fixed in version 2.0.... |
| 9.8 | 2020-09-15 | CVE-2020-16098 | cve | It is possible to enumerate access card credentials via an unauthenticated network connection to the server in versions of Command Centre v8.20 prior to v8.20.1166(MR3), version... |
| 9 | 2020-09-15 | CVE-2020-7293 | cve | Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user with low permissions to change the system's root pass... |
| Page(s) : 1 ... 843 844 845 846 847 848 849 850 851 852 [853] 854 855 856 857 858 859 860 861 862 863 ... | Result(s) : 43549 |
