[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 246699 Download | Alert*

GitLab EE 10.1 through 12.7.2 allows Information Disclosure.

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none

GitLab EE 12.4 and later through 12.7.2 has Incorrect Access Control.

GitLab EE 8.8 and later through 12.7.2 has Insecure Permissions.

GitLab EE 12.6 and later through 12.7.2 allows Denial of Service.

GitLab EE 8.9 and later through 12.7.2 has Insecure Permission

Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed.

sql.rb in Geocoder before 1.6.1 allows Boolean-based SQL injection when within_bounding_box is used in conjunction with untrusted sw_lat, sw_lng, ne_lat, or ne_lng data.

An issue was discovered in OpenWrt 18.06.0 to 18.06.6 and 19.07.0, and LEDE 17.01.0 to 17.01.7. A bug in the fork of the opkg package manager before 2020-01-25 prevents correct parsing of embedded checksums in the signed repository index, allowing a man-in-the-middle attacker to inject arbitrary package payloads (which are installed without verification).

A CSRF issue in login.asp on Ruckus R500 3.4.2.0.384 devices allows remote attackers to access the panel or conduct SSRF attacks.


Pages:      Start    11479    11480    11481    11482    11483    11484    11485    11486    11487    11488    11489    11490    11491    11492    ..   24669

© SecPod Technologies