| Page(s) : 1 ... 15 16 17 18 19 20 21 22 23 24 [25] 26 27 28 29 30 31 32 33 34 35 ... | Result(s) : 9031 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 3.1 | 2023-01-16 | CVE-2022-4309 | cve | The Subscribe2 WordPress plugin before 10.38 does not have CSRF check when deleting users, which could allow attackers to make a logged in admin delete arbitrary users by knowin... |
| 3.5 | 2023-01-13 | CVE-2023-22489 | cve | Flarum is a discussion platform for websites. If the first post of a discussion is permanently deleted but the discussion stays visible, any actor who can view the discussion is... |
| 3.8 | 2023-01-13 | CVE-2023-0091 | cve | A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modi... |
| 3.8 | 2023-01-12 | CVE-2022-4342 | cve | An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.1 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 1... |
| 2.4 | 2023-01-11 | CVE-2023-20528 | cve | Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory contents over the I2C bus potentially leading to a loss of confidentiality. |
| 3.5 | 2023-01-10 | CVE-2023-22469 | cve | Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. When getting the reference preview for Deck car... |
| 3.3 | 2023-01-10 | CVE-2023-21759 | cve | Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability |
| 3.1 | 2023-01-09 | CVE-2022-4102 | cve | The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorization and CSRF checks when deleting a template and does not ensure that the post to be deleted is... |
| 2.1 | 2023-01-09 | CVE-2023-22473 | cve | Talk-Android enables users to have video & audio calls through Nextcloud on Android. Due to passcode bypass, an attacker is able to access the user's Nextcloud files and vi... |
| 3.5 | 2023-01-09 | CVE-2022-3343 | cve | The WPQA Builder WordPress plugin before 5.9.3 (which is a companion plugin used with Discy and Himer Discy WordPress themes) incorrectly tries to validate that a user already f... |
| 3.5 | 2023-01-05 | CVE-2022-46168 | cve | Discourse is an option source discussion platform. Prior to version 2.8.14 on the `stable` branch and version 2.9.0.beta15 on the `beta` and `tests-passed` branches, recipients ... |
| 2.7 | 2023-01-02 | CVE-2022-4109 | cve | The Wholesale Market for WooCommerce WordPress plugin before 2.0.0 does not validate user input against path traversal attacks, allowing high privilege users such as admin to do... |
| 3.3 | 2023-01-01 | CVE-2022-47952 | cve | lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed t... |
| 3.3 | 2022-12-30 | CVE-2022-42266 | cve | NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an unprivileged regular user can cause ex... |
| 3.3 | 2022-12-28 | CVE-2022-4773 | cve | ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic was found in cloudsync. Affected by this vulnerability is the function getItem of the file src/main/jav... |
| 3.7 | 2022-12-27 | CVE-2022-2583 | cve | A race condition can cause incorrect HTTP request routing. |
| 3.7 | 2022-12-27 | CVE-2022-45430 | cve | Some Dahua software products have a vulnerability of unauthenticated enable or disable SSHD service. After bypassing the firewall access control policy, by sending a specific cr... |
| 2.7 | 2022-12-27 | CVE-2022-45428 | cve | Some Dahua software products have a vulnerability of sensitive information leakage. After obtaining the permissions of administrators, by sending a specific crafted packet to th... |
| 3.7 | 2022-12-27 | CVE-2022-45433 | cve | Some Dahua software products have a vulnerability of unauthenticated traceroute host from remote DSS Server. After bypassing the firewall access control policy, by sending a spe... |
| 3.3 | 2022-12-22 | CVE-2022-42931 | cve | Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username (not password) was saved by the Fo... |
| Page(s) : 1 ... 15 16 17 18 19 20 21 22 23 24 [25] 26 27 28 29 30 31 32 33 34 35 ... | Result(s) : 9031 |
