GeekWire

NVD

CVE-2020-17532 – When handler-router component is enabled in servicecomb-java-chassis, authenticated user m …

25 January 2021

When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code …

Tags NVD

CVE-2021-23901 – An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParse …

25 January 2021

An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < …

Tags NVD

CVE-2020-12514 – Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointe …

22 January 2021

Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in …

Tags NVD

CVE-2020-12525 – M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and …

22 January 2021

M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of …

Tags NVD

CVE-2021-22847 – Hyweb HyCMS-J1’s API fails to filter POST request parameters. Remote attackers can inject S …

22 January 2021

Hyweb HyCMS-J1’s API fails to filter POST request parameters. Remote attackers can inject SQL syntax and execute commands without …

Tags NVD

CVE-2021-22849 – Hyweb HyCMS-J1 backend editing function does not filter special characters. Users after lo …

22 January 2021

Hyweb HyCMS-J1 backend editing function does not filter special characters. Users after log-in can inject JavaScript syntax to perform a …

Tags NVD

CVE-2020-28488 – This affects all versions of package jquery-ui; all versions of package org.fujion.webjars …

22 January 2021

This affects all versions of package jquery-ui; all versions of package org.fujion.webjars:jquery-ui. When the "dialog" is …

Tags NVD

CVE-2020-28487 – This affects the package vis-timeline before 7.4.4. An attacker with the ability to contr …

22 January 2021

This affects the package vis-timeline before 7.4.4. An attacker with the ability to control the items of a Timeline element can inject …

Tags NVD

CVE-2020-4766 – IBM MQ Internet Pass-Thru 2.1 and 9.2 could allow a remote user to cause a denial of servi …

22 January 2021

IBM MQ Internet Pass-Thru 2.1 and 9.2 could allow a remote user to cause a denial of service by sending malformed MQ data requests which …

Tags NVD

CVE-2021-21259 – HedgeDoc is open source software which lets you create real-time collaborative markdown no …

22 January 2021

HedgeDoc is open source software which lets you create real-time collaborative markdown notes. In HedgeDoc before version 1.7.2, an …

Tags NVD

CVE-2021-21260 – Online Invoicing System (OIS) is open source software which is a lean invoicing system for …

22 January 2021

Online Invoicing System (OIS) is open source software which is a lean invoicing system for small businesses, consultants and freelancers …

Tags NVD

CVE-2021-21270 – OctopusDSC is a PowerShell module with DSC resources that can be used to install and confi …

22 January 2021

OctopusDSC is a PowerShell module with DSC resources that can be used to install and configure an Octopus Deploy Server and Tentacle agent. …

Tags NVD
EXPLOITS

Library System 1.0 – ‘category’ SQL Injection

25 January 2021

CASAP Automated Enrollment System 1.0 – ‘route’ Stored XSS

25 January 2021

CASAP Automated Enrollment System 1.0 – ‘First Name’ Stored XSS

25 January 2021

Collabtive 3.1 – ‘address’ Persistent Cross-Site Scripting

25 January 2021

MyBB Timeline Plugin 1.0 – Cross-Site Scripting / CSRF

25 January 2021

Atlassian Confluence Widget Connector Macro – SSTI

22 January 2021

SECURELIST

Sunburst backdoor – code overlaps with Kazuar

11 January 2021

Digital Footprint Intelligence Report

29 December 2020

How we protect our users against the Sunburst backdoor

23 December 2020

Lazarus covets COVID-19-related intelligence

23 December 2020

Sunburst: connecting the dots in the DNS requests

18 December 2020

The future of cyberconflicts

18 December 2020
