| Page(s) : 1 ... 926 927 928 929 930 931 932 933 934 935 [936] 937 938 939 940 941 942 943 944 945 946 ... | Result(s) : 43552 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2020-02-18 | CVE-2013-6295 | cve | PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module |
| 9.8 | 2020-02-18 | CVE-2020-8010 | cve | CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot (controller) component. A remote... |
| 9.8 | 2020-02-17 | CVE-2014-8089 | cve | SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote attackers to execute ... |
| 9.8 | 2020-02-17 | CVE-2020-1693 | cve | A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use th... |
| 9.8 | 2020-02-17 | CVE-2020-9006 | cve | The Popup Builder plugin 2.2.8 through 2.6.7.6 for WordPress is vulnerable to SQL injection (in the sgImportPopups function in sg_popup_ajax.php) via PHP Deserialization on atta... |
| 9.8 | 2020-02-17 | CVE-2020-9020 | cve | Iteris Vantage Velocity Field Unit 2.3.1, 2.4.2, and 3.0 devices allow the injection of OS commands into cgi-bin/timeconfig.py via shell metacharacters in the NTP Server field. |
| 9.8 | 2020-02-17 | CVE-2020-9021 | cve | Post Oak AWAM Bluetooth Field Device 7400v2.08.21.2018, 7800SD.2015.1.16, 2011.3, 7400v2.02.01.2019, and 7800SD.2012.12.5 is vulnerable to injections of operating system command... |
| 9.8 | 2020-02-17 | CVE-2020-9023 | cve | Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have two users that are not documented and are configured with weak passwords (User bluetooth, password bluetooth; Use... |
| 9.8 | 2020-02-17 | CVE-2020-9024 | cve | Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have world-writable permissions for the /root/cleardata.pl (executed as root by crond) and /root/loadperl.sh (executed... |
| 9.8 | 2020-02-17 | CVE-2020-9026 | cve | ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the PING field of the resource ping.cmd. The NTP-2 device is also affected. |
| 9.8 | 2020-02-17 | CVE-2020-9027 | cve | ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the TRACE field of the resource ping.cmd. The NTP-2 device is also affected. |
| 9.1 | 2020-02-17 | CVE-2014-7236 | cve | Eval injection vulnerability in lib/TWiki/Plugins.pm in TWiki before 6.0.1 allows remote attackers to execute arbitrary Perl code via the debugenableplugins parameter to do/view... |
| 9.8 | 2020-02-17 | CVE-2014-4981 | cve | LPAR2RRD in 3.5 and earlier allows remote attackers to execute arbitrary commands due to insufficient input sanitization of the web GUI parameters. |
| 9.8 | 2020-02-17 | CVE-2013-3738 | cve | A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request strings in CGI scripts, which could let a remote malicious user execute arbitrary... |
| 9.8 | 2020-02-17 | CVE-2020-8518 | cve | Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution. |
| 9.8 | 2020-02-17 | CVE-2015-6922 | cve | Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.33, 8.x before 8.0.0.23, 9.0 before 9.0.0.19, and 9.1 before 9.1.0.9 does not properly require authentication, which a... |
| 9.4 | 2020-02-17 | CVE-2020-8768 | cve | An issue was discovered on Phoenix Contact Emalytics Controller ILC 2050 BI before 1.2.3 and BI-L before 1.2.3 devices. There is an insecure mechanism for read and write access ... |
| 9.8 | 2020-02-17 | DSA-4626 | Debian | php7.3 security update |
| 9.8 | 2020-02-17 | CVE-2020-8427 | cve | In Unitrends Backup before 10.4.1, an HTTP request parameter was not properly sanitized, allowing for SQL injection that resulted in an authentication bypass. |
| 9.8 | 2020-02-17 | CVE-2020-5531 | cve | Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000 MELSEC-Q Series C Controller Module(Q24DHCCPU-V, Q24DHCCPU-VG User Ethernet port (CH1, CH2): First 5 digi... |
| Page(s) : 1 ... 926 927 928 929 930 931 932 933 934 935 [936] 937 938 939 940 941 942 943 944 945 946 ... | Result(s) : 43552 |
