Rezultati pretraživanja za 'Od datuma: 17.04.2026.'
| ID | CVSS | Sažetak | Zadnje ažurirano | Objavljeno |
|---|---|---|---|---|
| CVE-2026-47119 | 6.1 | Agent Zero before version 1.15 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary JavaScript in the application origin by serving SVG files through the image_get API endpoint without Content-Security-Polic | 2026-05-27 19:59:03 | 2026-05-27 15:16:30 |
| CVE-2026-47118 | 6.5 | Agent Zero before version 1.15 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by supplying crafted paths to the image file serving endpoint, which relies solely on an extension allowlist while th | 2026-05-27 19:59:03 | 2026-05-27 15:16:30 |
| CVE-2026-49002 | 9.1 | Access control failure means that an application does not effectively check user access permissions, so that unauthorized users can access system data beyond their permissions, such as viewing and modifying configuration information. | 2026-05-27 19:59:03 | 2026-05-27 09:16:32 |
| CVE-2026-49001 | 5.3 | Cross-site request forgery (CSRF) vulnerabilities allow attackers to exploit a user's authenticated session to forge cross-site requests, inducing the execution of unintended operations such as tampering with configuration data. | 2026-05-27 19:59:03 | 2026-05-27 08:16:44 |
| CVE-2026-49000 | 7.0 | An insecure password scheme refers to vulnerabilities arising from improper selection of encryption algorithms, inadequate key management, or flawed code implementation, which may lead to data leakage or tampering, such as hard-coded keys or the use | 2026-05-27 19:59:03 | 2026-05-27 05:16:22 |
| CVE-2026-48999 | 5.7 | Attackers carefully craft malicious scripts, such as JavaScript, and inject them into target systems; when other users access pages containing such malicious content, the scripts are automatically loaded and executed in the victim's browser.Attackers | 2026-05-27 19:59:03 | 2026-05-27 04:16:31 |
| CVE-2022-50943 | 6.1 | Moodle LMS 4.0 contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search parameter. Attackers can inject JavaScript code via the search field in course/se | 2026-05-27 19:56:14 | 2026-05-10 13:16:31 |
| CVE-2026-2255 | 4.3 | Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6 and 11.0.0.0, including 9.3.x and 8.3.x, expose Hadoop cluster credentials in plain text through the Cluster Test API. Although the user should not see those explicitly, th | 2026-05-27 19:55:50 | 2026-05-27 04:16:26 |
| CVE-2026-2254 | 6.3 | Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6 and 11.0.0.0, including 9.3.x and 8.3.x, does not apply ACLs on certain API endpoints related to platform mail notfications. | 2026-05-27 19:55:50 | 2026-05-27 04:16:26 |
| CVE-2026-2253 | 7.7 | Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 and 11.0.0.0, including 9.3.x and 8.3.x, does not prevent certain XML parsers from resolving external entities. | 2026-05-27 19:55:50 | 2026-05-27 04:16:26 |
| ID | CVSS | Sažetak | Zadnje ažurirano | Objavljeno |
|---|---|---|---|---|
| CVE-2018-4451 | 9.3 | This issue is fixed in macOS Mojave 10.14. A memory corruption issue was addressed with improved input validation. | 2020-10-30 02:01:00 | 2020-10-27 20:15:00 |
| CVE-2019-8712 | 10.0 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with system privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8709 | 9.3 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. An application may be abl | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8824 | 9.3 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with kernel privileges | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2018-4452 | 9.3 | A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Se | 2020-10-30 02:00:00 | 2020-10-27 20:15:00 |
| CVE-2019-8716 | 10.0 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with system privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8836 | 9.3 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8740 | 9.3 | A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2020-27976 | 10.0 | osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option. | 2020-10-29 23:35:00 | 2020-10-28 15:15:00 |
| CVE-2019-8539 | 9.3 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary co | 2020-10-30 15:13:00 | 2020-10-27 20:15:00 |
Stranica
/1207
Zapisa po stranici: