Page(s) : 1 ... 903 904 905 906 907 908 909 910 911 912 [913] 914 915 916 917 918 919 920 921 922 923 ... | Result(s) : 43551 |
Alerts
SCORE | DATE | NAME | CATEGORIES | DETAIL |
---|---|---|---|---|
9.8 | 2020-03-30 | GLSA-202003-62 | Gentoo | GNU Screen: Buffer overflow |
9.8 | 2020-03-30 | CVE-2020-7611 | cve | All versions of io.micronaut:micronaut-http-client before 1.2.11 and all versions from 1.3.0 before 1.3.2 are vulnerable to HTTP Request Header Injection due to not validating r... |
9.8 | 2020-03-30 | CVE-2020-7610 | cve | All versions of bson before 1.1.4 are vulnerable to Deserialization of Untrusted Data. The package will ignore an unknown value for an object's _bsotype, leading to cases w... |
9.8 | 2020-03-30 | CVE-2020-10374 | cve | A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution via a crafted POST request or the what parameter o... |
9.1 | 2020-03-30 | CVE-2019-17560 | cve | The "Apache NetBeans" autoupdate system does not validate SSL certificates and hostnames for https based downloads. This allows an attacker to intercept downloads of autoupdates... |
9.8 | 2020-03-30 | CVE-2020-11105 | cve | An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::shared_ptr values, using the raw pointer address as a unique identifier. This becomes proble... |
9.8 | 2020-03-30 | CVE-2019-19606 | cve | X-Plane before 11.41 has multiple improper path validations that could allow reading and writing files from/to arbitrary paths (or a leak of OS credentials to a remote system) v... |
9.8 | 2020-03-30 | CVE-2019-19605 | cve | X-Plane before 11.41 allows Arbitrary Memory Write via crafted network packets, which could cause a denial of service or arbitrary code execution. |
9.8 | 2020-03-30 | CVE-2016-11024 | cve | odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection. NOTE: this product is apparently discontinued. |
9.8 | 2020-03-30 | CVE-2016-11023 | cve | odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE: this product is apparently discontinued. |
9.8 | 2020-03-30 | USN-4310-1 | Ubuntu | WebKitGTK+ vulnerability |
9.1 | 2020-03-27 | CVE-2020-10993 | cve | Osmand through 2.0.0 allow XXE because of binary/BinaryMapIndexReader.java. |
9.8 | 2020-03-27 | CVE-2015-5684 | cve | MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A buffer overflow vulnerability was reported, (fixed and publicly disclosed in 2015) in the L... |
9.8 | 2020-03-27 | CVE-2020-10956 | cve | GitLab 8.10 and later through 12.9 is vulnerable to an SSRF in a project import note feature. |
9.8 | 2020-03-27 | CVE-2020-10990 | cve | An XXE issue exists in Accenture Mercury before 1.12.28 because of the platformlambda/core/serializers/SimpleXmlParser.java component. |
9.8 | 2020-03-27 | CVE-2020-10992 | cve | Azkaban through 3.84.0 allows XXE, related to validator/XmlValidatorManager.java and user/XmlUserManager.java. |
9.8 | 2020-03-27 | CVE-2020-10991 | cve | Mulesoft APIkit through 1.3.0 allows XXE because of validation/RestXmlSchemaValidator.java |
9.8 | 2020-03-27 | CVE-2020-3936 | cve | UltraLog Express device management interface does not properly filter user inputted string in some specific parameters, attackers can inject arbitrary SQL command. |
9.8 | 2020-03-26 | CVE-2020-10823 | cve | A stack-based buffer overflow in /cgi-bin/activate.cgi through var parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achie... |
9.8 | 2020-03-26 | CVE-2020-10828 | cve | A stack-based buffer overflow in cvmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP req... |