| ID | CVSS | Sažetak | Zadnje ažurirano | Objavljeno |
|---|---|---|---|---|
| CVE-2022-0371 | 4.0 | An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 before 14.5.4, all versions starting from 14.6 before 14.6.4, all versions starting from 14.7 before 14.7.1. GitLab search may allow authenticated users to search | 2022-04-04 19:14:00 | 2022-03-28 19:15:00 |
| CVE-2018-25030 | 1.9 | A vulnerability classified as problematic has been found in Mirmay Secure Private Browser and File Manager up to 2.5. Affected is the Auto Lock. A race condition leads to a local authentication bypass. The exploit has been disclosed to the public and | 2022-04-04 19:13:00 | 2022-03-28 18:15:00 |
| CVE-2022-0397 | 3.5 | The WPC Smart Wishlist for WooCommerce WordPress plugin before 2.9.4 does not sanitise and escape the key parameter before outputting it back in the wishlist_quickview AJAX action's response (available to any authenticated user), leading to a Reflect | 2022-04-04 19:08:00 | 2022-03-28 18:15:00 |
| CVE-2021-25068 | 6.5 | The Sync WooCommerce Product feed to Google Shopping WordPress plugin through 1.2.4 uses the 'feed_id' POST parameter which is not properly sanitized for use in a SQL statement, leading to a SQL injection vulnerability in the admin dashboard | 2022-04-04 19:04:00 | 2022-03-28 18:15:00 |
| CVE-2021-25071 | 4.3 | The WordPress plugin through 2.0.1 does not sanitise and escape the translation parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting | 2022-04-04 19:03:00 | 2022-03-28 18:15:00 |
| CVE-2021-25070 | 7.5 | The Block Bad Bots WordPress plugin before 6.88 does not properly sanitise and escape the User Agent before using it in a SQL statement to record logs, leading to an SQL Injection issue | 2022-04-04 19:02:00 | 2022-03-28 18:15:00 |
| CVE-2021-42970 | 4.3 | Cross Site Scripting (XSS) vulnerability exists in cxuucms v3 via the imgurl of /feedback/post/ content parameter. | 2022-04-04 19:00:00 | 2022-03-29 18:15:00 |
| CVE-2022-0784 | 7.5 | The Title Experiments Free WordPress plugin before 9.0.1 does not sanitise and escape the id parameter before using it in a SQL statement via the wpex_titles AJAX action (available to unauthenticated users), leading to an unauthenticated SQL injectio | 2022-04-04 18:55:00 | 2022-03-28 18:15:00 |
| CVE-2022-0770 | 6.8 | The Translate WordPress with GTranslate WordPress plugin before 2.9.9 does not have CSRF check in some files, and write debug data such as user's cookies in a publicly accessible file if a specific parameter is used when requesting them. Combining th | 2022-04-04 18:55:00 | 2022-03-28 18:15:00 |
| CVE-2022-23901 | 7.5 | A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/dead_rules.cc. | 2022-04-04 18:53:00 | 2022-03-29 12:15:00 |
| ID | CVSS | Sažetak | Zadnje ažurirano | Objavljeno |
|---|---|---|---|---|
| CVE-2018-4451 | 9.3 | This issue is fixed in macOS Mojave 10.14. A memory corruption issue was addressed with improved input validation. | 2020-10-30 02:01:00 | 2020-10-27 20:15:00 |
| CVE-2019-8712 | 10.0 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with system privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8709 | 9.3 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. An application may be abl | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8824 | 9.3 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with kernel privileges | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2018-4452 | 9.3 | A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Se | 2020-10-30 02:00:00 | 2020-10-27 20:15:00 |
| CVE-2019-8716 | 10.0 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with system privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8836 | 9.3 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8740 | 9.3 | A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2020-27976 | 10.0 | osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option. | 2020-10-29 23:35:00 | 2020-10-28 15:15:00 |
| CVE-2019-8539 | 9.3 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary co | 2020-10-30 15:13:00 | 2020-10-27 20:15:00 |
Stranica
/34494
Zapisa po stranici: