| ID | CVSS | Sažetak | Zadnje ažurirano | Objavljeno |
|---|---|---|---|---|
| CVE-2025-51966 | 6.1 | A cross-site scripting (XSS) vulnerability exists in the PDF preview functionality of uTools thru 7.1.1. When a user previews a specially crafted PDF file, embedded JavaScript code executes within the application's privileged context, potentially all | 2025-09-02 20:15:34 | 2025-09-02 18:15:35 |
| CVE-2025-50565 | 6.5 | Doubo ERP 1.0 has an SQL injection vulnerability due to a lack of filtering of user input, which can be remotely initiated by an attacker. | 2025-09-02 20:15:34 | 2025-09-02 18:15:35 |
| CVE-2025-54599 | 7.5 | The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows account takeover, if SSO is used, when a victim changes the email address that they have configured. To exploit this, an attacker would create thei | 2025-09-02 20:15:34 | 2025-09-02 16:15:39 |
| CVE-2025-50757 | 6.5 | Wavlink WN535K3 20191010 was found to contain a command injection vulnerability in the set_sys_adm function via the username parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | 2025-09-02 20:15:34 | 2025-09-02 15:15:32 |
| CVE-2025-50755 | 6.5 | Wavlink WN535K3 20191010 was found to contain a command injection vulnerability in the set_sys_cmd function via the command parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | 2025-09-02 20:15:34 | 2025-09-02 15:15:32 |
| CVE-2025-46047 | 6.5 | A User enumeration vulnerability in the /CredentialsServlet/ForgotPassword endpoint in Silverpeas 6.4.1 and 6.4.2 allows remote attackers to determine valid usernames via the Login parameter. | 2025-09-02 20:15:33 | 2025-09-02 14:15:34 |
| CVE-2025-21701 | 7.4 | In the Linux kernel, the following vulnerability has been resolved: net: avoid race between device unregistration and ethnl ops The following trace can be seen if a device is being unregistered while its number of channels are being modified. DE | 2025-09-02 20:15:33 | 2025-02-13 15:15:20 |
| CVE-2024-51423 | 6.1 | Cross Site Scripting vulnerability in Infor Global HR GHR v.11.23.03.00.21 and before allows a remote attacker to execute arbitrary code via the class parameter. | 2025-09-02 20:15:32 | 2025-09-02 16:15:38 |
| CVE-2024-48705 | 6.5 | Wavlink AC1200 with firmware versions M32A3_V1410_230602 and M32A3_V1410_240222 are vulnerable to a post-authentication command injection while resetting the password. This vulnerability is specifically found within the "set_sys_adm" function of the | 2025-09-02 20:15:32 | 2025-09-02 15:15:31 |
| CVE-2024-29031 | 7.5 | Meshery is an open source, cloud native manager that enables the design and management of Kubernetes-based infrastructure and applications. A SQL injection vulnerability in Meshery prior to version 0.7.17 allows a remote attacker to obtain sensitive | 2025-09-02 19:25:57 | 2024-03-21 23:15:11 |
| ID | CVSS | Sažetak | Zadnje ažurirano | Objavljeno |
|---|---|---|---|---|
| CVE-2018-4451 | 9.3 | This issue is fixed in macOS Mojave 10.14. A memory corruption issue was addressed with improved input validation. | 2020-10-30 02:01:00 | 2020-10-27 20:15:00 |
| CVE-2019-8712 | 10.0 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with system privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8709 | 9.3 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. An application may be abl | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8824 | 9.3 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with kernel privileges | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2018-4452 | 9.3 | A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Se | 2020-10-30 02:00:00 | 2020-10-27 20:15:00 |
| CVE-2019-8716 | 10.0 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with system privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8836 | 9.3 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8740 | 9.3 | A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2020-27976 | 10.0 | osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option. | 2020-10-29 23:35:00 | 2020-10-28 15:15:00 |
| CVE-2019-8539 | 9.3 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary co | 2020-10-30 15:13:00 | 2020-10-27 20:15:00 |
Stranica
/30681
Zapisa po stranici: