| Page(s) : 1 ... 965 966 967 968 969 970 971 972 973 974 [975] 976 977 978 979 980 981 982 983 984 985 ... | Result(s) : 43565 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2019-11-19 | CVE-2011-3350 | cve | masqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and src/masqmail.c that results in improper privilege dropping. |
| 9.8 | 2019-11-19 | CVE-2011-2921 | cve | ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root pr... |
| 9.8 | 2019-11-19 | CVE-2019-10766 | cve | Pixie versions 1.0.x before 1.0.3, and 2.0.x before 2.0.2 allow SQL Injection in the limit() function due to improper sanitization. |
| 9.8 | 2019-11-18 | CVE-2018-20687 | cve | An XML external entity (XXE) vulnerability in CommandCenterWebServices/.*?wsdl in Raritan CommandCenter Secure Gateway before 8.0.0 allows remote unauthenticated users to read a... |
| 9.8 | 2019-11-18 | CVE-2011-5331 | cve | Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval. |
| 9.8 | 2019-11-18 | CVE-2019-19113 | cve | main/resources/mapper/NewBeeMallGoodsMapper.xml in newbee-mall (aka New Bee) before 2019-10-23 allows search?goodsCategoryId=&keyword= SQL Injection. |
| 9.8 | 2019-11-18 | CVE-2011-5330 | cve | Distributed Ruby (aka DRuby) 1.8 mishandles the sending of syscalls. |
| 9.1 | 2019-11-18 | CVE-2019-17058 | cve | Footy Tipping Software AFL Web Edition 2019 allows arbitrary file upload and resultant remote code execution because a whitelist can be bypassed by an Administrator who uploads ... |
| 9.8 | 2019-11-18 | CVE-2019-12409 | cve | The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping... |
| 9.8 | 2019-11-18 | CVE-2019-12271 | cve | Sandline Centraleyezer (On Premises) allows unrestricted File Upload with a dangerous type, because the feature of adding ".jpg" to any uploaded filename is not enforced on the ... |
| 9.8 | 2019-11-17 | CVE-2019-19012 | cve | An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the ... |
| 9.8 | 2019-11-16 | CVE-2019-19010 | cve | Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have ... |
| 9.8 | 2019-11-15 | CVE-2011-0703 | cve | In gksu-polkit before 0.0.3, the source file for xauth may contain arbitrary commands that may allow an attacker to overtake an administrator X11 session. |
| 9.8 | 2019-11-15 | CVE-2019-13581 | cve | An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automot... |
| 9.8 | 2019-11-15 | CVE-2019-18981 | cve | Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification. |
| 9.8 | 2019-11-15 | CVE-2013-7087 | cve | ClamAV before 0.97.7 has WWPack corrupt heap memory |
| 9.8 | 2019-11-15 | CVE-2013-7088 | cve | ClamAV before 0.97.7 has buffer overflow in the libclamav component |
| 9.8 | 2019-11-15 | CVE-2019-14345 | cve | TemaTres 3.0 allows remote unprivileged users to create an administrator account |
| 9.8 | 2019-11-15 | CVE-2019-18985 | cve | Pimcore before 6.2.2 lacks brute force protection for the 2FA token. |
| 9.8 | 2019-11-15 | CVE-2019-18928 | cve | Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previou... |
| Page(s) : 1 ... 965 966 967 968 969 970 971 972 973 974 [975] 976 977 978 979 980 981 982 983 984 985 ... | Result(s) : 43565 |
