| Page(s) : 1 ... 81 82 83 84 85 86 87 88 89 90 [91] 92 93 94 95 96 97 98 99 100 101 ... | Result(s) : 43228 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2024-11-15 | CVE-2024-10443 | cve | Improper neutralization of special elements used in a command ('Command Injection') vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 an... |
| 9.8 | 2024-11-15 | CVE-2024-10534 | cve | Origin Validation Error vulnerability in Dataprom Informatics Personnel Attendance Control Systems (PACS) / Access Control Security Systems (ACSS) allows Traffic Injection.This ... |
| 9.8 | 2024-11-15 | CVE-2024-11237 | cve | A vulnerability, which was classified as critical, has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected by this issue is some unknown functionality of the component DHC... |
| 9.8 | 2024-11-15 | CVE-2024-11120 | cve | Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system ... |
| 9.8 | 2024-11-15 | CVE-2024-10924 | cve | The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0 to 9.1.1.1. This is due to improper use... |
| 9.6 | 2024-11-14 | CVE-2024-52308 | cve | The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace SSH server when using `gh codespace ssh` or `gh codespace logs` co... |
| 9.8 | 2024-11-14 | CVE-2024-50833 | cve | A SQL Injection vulnerability was found in /login.php in KASHIPARA E-learning Management System Project 1.0 via the username and password parameters. |
| 9.6 | 2024-11-14 | CVE-2024-49362 | cve | Joplin is a free, open source note taking and to-do application. Joplin-desktop has a vulnerability that leads to remote code execution (RCE) when a user clicks on an link with... |
| 9.8 | 2024-11-14 | CVE-2024-50823 | cve | A SQL Injection vulnerability was found in /admin/login.php in kashipara E-learning Management System Project 1.0 via the username and password parameters. |
| 9.8 | 2024-11-14 | CVE-2024-11209 | cve | A vulnerability was found in Apereo CAS 6.6. It has been classified as critical. This affects an unknown part of the file /login?service of the component 2FA. The manipulation l... |
| 9.8 | 2024-11-13 | CVE-2024-48510 | cve | Directory Traversal vulnerability in DotNetZip v.1.16.0 and before allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component NOTE: ... |
| 9.8 | 2024-11-13 | CVE-2024-52295 | cve | DataEase is an open source data visualization analysis tool. Prior to 2.10.2, DataEase allows attackers to forge jwt and take over services. The JWT secret is hardcoded in the c... |
| 9 | 2024-11-13 | CVE-2024-52300 | cve | macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The width parameter of the PDF viewer macro isn't properly escaped, allowing XSS for any user who can ... |
| 9.8 | 2024-11-13 | CVE-2024-52306 | cve | FileManager provides a Backpack admin interface for files and folder. Prior to 3.0.9, deserialization of untrusted data from the mimes parameter could lead to remote code execut... |
| 9.8 | 2024-11-13 | CVE-2024-43091 | cve | In filterMask of SkEmbossMaskFilter.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional executio... |
| 9.8 | 2024-11-13 | CVE-2024-10820 | cve | The WooCommerce Upload Files plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the upload_files() function in all versions up t... |
| 9.8 | 2024-11-13 | CVE-2024-10828 | cve | The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.5 via deserialization of untrusted... |
| 9.8 | 2024-11-13 | CVE-2024-10575 | cve | CWE-862: Missing Authorization vulnerability exists that could cause unauthorized access when enabled on the network and potentially impacting connected devices. |
| 9.8 | 2024-11-13 | CVE-2024-11150 | cve | The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_tmp_uploaded_file() function... |
| 9.8 | 2024-11-13 | CVE-2024-21541 | cve | Versions of the package dom-iterator before 1.0.1 are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function... |
| Page(s) : 1 ... 81 82 83 84 85 86 87 88 89 90 [91] 92 93 94 95 96 97 98 99 100 101 ... | Result(s) : 43228 |
