| Page(s) : 1 ... 888 889 890 891 892 893 894 895 896 897 [898] 899 900 901 902 903 904 905 906 907 908 ... | Result(s) : 43550 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2020-04-29 | CVE-2019-5620 | cve | ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication for Critical Function. |
| 9.8 | 2020-04-29 | CVE-2016-11061 | cve | Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, and 7970i devices before 073.xxx.086.15410 do not properly escape parameters... |
| 9.8 | 2020-04-29 | CVE-2019-5622 | cve | Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-798: Use of Hard-coded Credentials. |
| 9.8 | 2020-04-29 | CVE-2020-12443 | cve | BigBlueButton before 2.2.6 allows remote attackers to read arbitrary files because the presfilename (lowercase) value can be a .pdf filename while the presFilename (mixed case) ... |
| 9.8 | 2020-04-29 | CVE-2020-12471 | cve | MonoX through 5.1.40.5152 allows remote code execution via HTML5Upload.ashx or Pages/SocialNetworking/lng/en-US/PhotoGallery.aspx because of deserialization in ModuleGallery.HTM... |
| 9.8 | 2020-04-29 | CVE-2019-5623 | cve | Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection&... |
| 9.8 | 2020-04-28 | CVE-2020-1745 | cve | A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before and was fixed in ... |
| 9.8 | 2020-04-28 | CVE-2019-20791 | cve | OpenThread before 2019-12-13 has a stack-based buffer overflow in MeshCoP::Commissioner::GeneratePskc. |
| 9.8 | 2020-04-28 | CVE-2020-12284 | cve | cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check. |
| 9.8 | 2020-04-28 | CVE-2020-12429 | cve | Online Course Registration 2.0 has multiple SQL injections that would can lead to a complete database compromise and authentication bypass in the login pages: admin/change-passw... |
| 9.8 | 2020-04-28 | CVE-2020-12442 | cve | Ivanti Avalanche 6.3 allows a SQL injection that is vaguely associated with the Apache HTTP Server, aka Bug 683250. |
| 9.8 | 2020-04-28 | CVE-2017-18858 | cve | Certain NETGEAR devices are affected by command execution. This affects M4200-10MG-POE+ 12.0.2.11 and earlier, M4300-28G 12.0.2.11 and earlier, M4300-52G 12.0.2.11 and earlier, ... |
| 9.8 | 2020-04-28 | CVE-2017-18857 | cve | The NETGEAR Insight application before 2.42 for Android and iOS is affected by password mismanagement. |
| 9.8 | 2020-04-27 | CVE-2020-9294 | cve | An improper authentication vulnerability in FortiMail 5.4.10, 6.0.7, 6.2.2 and earlier and FortiVoiceEntreprise 6.0.0 and 6.0.1 may allow a remote unauthenticated attacker to ac... |
| 9.8 | 2020-04-27 | CVE-2020-1952 | cve | An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. When starting IoTDB, the JMX port 31999 is exposed with no certification.Then, clients could execute code re... |
| 9.8 | 2020-04-27 | CVE-2020-9068 | cve | Huawei AR3200 products with versions of V200R007C00SPC900, V200R007C00SPCa00, V200R007C00SPCb00, V200R007C00SPCc00, V200R009C00SPC500 have an improper authentication vulnerabili... |
| 9.8 | 2020-04-27 | CVE-2019-18823 | cve | HTCondor up to and including stable series 8.8.6 and development series 8.9.4 has Incorrect Access Control. It is possible to use a different authentication method to submit a j... |
| 9.8 | 2020-04-27 | CVE-2020-7609 | cve | node-rules including 3.0.0 and prior to 5.0.0 allows injection of arbitrary commands. The argument rules of function "fromJSON()" can be controlled by users without any sanitiza... |
| 9.8 | 2020-04-27 | CVE-2020-12278 | cve | An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow... |
| 9.8 | 2020-04-27 | CVE-2020-12271 | cve | A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices... |
| Page(s) : 1 ... 888 889 890 891 892 893 894 895 896 897 [898] 899 900 901 902 903 904 905 906 907 908 ... | Result(s) : 43550 |
