| Page(s) : 1 ... 76 77 78 79 80 81 82 83 84 85 [86] 87 88 89 90 91 92 93 94 95 96 ... | Result(s) : 39842 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2023-11-02 | CVE-2023-45019 | cve | Online Bus Booking System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'category' parameter of the category.php resource does not ... |
| 9.8 | 2023-11-01 | CVE-2023-39281 | cve | A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the ... |
| 9.8 | 2023-11-01 | CVE-2023-44025 | cve | SQL injection vulnerability in addify Addifyfreegifts v.1.0.2 and before allows a remote attacker to execute arbitrary code via a crafted script to the getrulebyid function in t... |
| 9.8 | 2023-11-01 | CVE-2023-5178 | cve | A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue ... |
| 9.9 | 2023-11-01 | CVE-2023-20048 | cve | A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute certain unauthorized c... |
| 9.8 | 2023-11-01 | CVE-2023-5765 | cve | Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to bypass permissions via data... |
| 9.8 | 2023-11-01 | CVE-2023-5766 | cve | A remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to remotely execute code from another windows user session ... |
| 9.8 | 2023-11-01 | CVE-2023-46482 | cve | SQL injection vulnerability in wuzhicms v.4.1.0 allows a remote attacker to execute arbitrary code via the Database Backup Functionality in the coreframe/app/database/admin/inde... |
| 9.6 | 2023-11-01 | CVE-2023-1716 | cve | Cross-site scripting (XSS) vulnerability in Invoice Edit Page in Bitrix24 22.0.300 allows attackers to execute arbitrary JavaScript code in the victim's browser, and possi... |
| 9.6 | 2023-11-01 | CVE-2023-1717 | cve | Prototype pollution in bitrix/templates/bitrix24/components/bitrix/menu/left_vertical/script.js in Bitrix24 22.0.300 allows remote attackers to execute arbitrary JavaScript cod... |
| 9.8 | 2023-11-01 | CVE-2023-1719 | cve | Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows unauthenticated remote attackers to (1) enumerate attachments on the server and (2) execu... |
| 9.8 | 2023-10-31 | CVE-2023-46484 | cve | An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the setLedCfg function. |
| 9.8 | 2023-10-31 | CVE-2023-46485 | cve | An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the setTracerouteCfg function of the stecgi.cgi component. |
| 9.8 | 2023-10-31 | CVE-2023-46249 | cve | authentik is an open-source Identity Provider. Prior to versions 2023.8.4 and 2023.10.2, when the default admin user has been deleted, it is potentially possible for an attacker... |
| 9.8 | 2023-10-31 | CVE-2023-46256 | cve | PX4-Autopilot provides PX4 flight control solution for drones. In versions 1.14.0-rc1 and prior, PX4-Autopilot has a heap buffer overflow vulnerability in the parser function du... |
| 9.8 | 2023-10-31 | CVE-2023-24000 | cve | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GamiPress gamipress allows SQL Injection.This issue affects GamiP... |
| 9.8 | 2023-10-31 | CVE-2023-46976 | cve | TOTOLINK A3300R 17.0.0cu.557_B20221024 contains a command injection via the file_name parameter in the UploadFirmwareFile function. |
| 9.8 | 2023-10-31 | CVE-2023-46977 | cve | TOTOLINK LR1200GB V9.1.0u.6619_B20230130 was discovered to contain a stack overflow via the password parameter in the function loginAuth. |
| 9.8 | 2023-10-31 | CVE-2023-46979 | cve | TOTOLINK X6000R V9.4.0cu.852_B20230719 was discovered to contain a command injection vulnerability via the enable parameter in the setLedCfg function. |
| 9.8 | 2023-10-31 | CVE-2023-5360 | cve | The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary fi... |
| Page(s) : 1 ... 76 77 78 79 80 81 82 83 84 85 [86] 87 88 89 90 91 92 93 94 95 96 ... | Result(s) : 39842 |
