Page(s) : 1 ... 16 17 18 19 20 21 22 23 24 25 [26] 27 28 29 30 31 32 33 34 35 36 ... | Result(s) : 89820 |
Alerts
DATE | NAME | CATEGORIES | DETAIL | |
---|---|---|---|---|
8.8 | 2024-02-09 | CVE-2024-25677 | cve | In Min before 1.31.0, local files are not correctly treated as unique security origins, which allows them to improperly request cross-origin resources. For example, a local file... |
8.8 | 2024-02-09 | CVE-2023-45187 | cve | IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user ... |
7.5 | 2024-02-09 | CVE-2023-45191 | cve | IBM Engineering Lifecycle Optimization 7.0.2 and 7.0.3 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-F... |
7.8 | 2024-02-09 | CVE-2024-23639 | cve | Micronaut Framework is a modern, JVM-based, full stack Java framework designed for building modular, easily testable JVM applications with support for Java, Kotlin and the Groov... |
8.8 | 2024-02-09 | CVE-2024-24819 | cve | icingaweb2-module-incubator is a working project of bleeding edge Icinga Web 2 libraries. In affected versions the class `gipfl\Web\Form` is the base for various concrete form i... |
8.1 | 2024-02-09 | CVE-2023-51761 | cve | In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could bypass authentication and acquire admin capabilities. |
7.5 | 2024-02-09 | CVE-2024-0842 | cve | The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Denial of Service in all versions up to, and including, 1.2.5. This is due to direct acce... |
8.3 | 2024-02-09 | CVE-2024-24820 | cve | Icinga Director is a tool designed to make Icinga 2 configuration handling easy. Not any of Icinga Director's configuration forms used to manipulate the monitoring environm... |
7.8 | 2024-02-09 | CVE-2024-24821 | cve | Composer is a dependency Manager for the PHP language. In affected versions several files within the local working directory are included during the invocation of Composer and i... |
7.5 | 2024-02-09 | CVE-2024-24825 | cve | DIRAC is a distributed resource framework. In affected versions any user could get a token that has been requested by another user/agent. This may expose resources to unintended... |
8.8 | 2024-02-08 | CVE-2023-40263 | cve | An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It allows authenticated command injection via ftp. |
7.5 | 2024-02-08 | CVE-2023-47131 | cve | The N-able PassPortal extension before 3.29.2 for Chrome inserts sensitive information into a log file. |
8.8 | 2024-02-08 | CVE-2024-24830 | cve | OpenObserve is a observability platform built specifically for logs, metrics, traces, analytics, designed to work at petabyte scale. A vulnerability has been identified in the "... |
7 | 2024-02-08 | CVE-2024-22795 | cve | Insecure Permissions vulnerability in Forescout SecureConnector v.11.3.06.0063 allows a local attacker to escalate privileges via the Recheck Compliance Status component. |
7.5 | 2024-02-08 | CVE-2024-1329 | cve | HashiCorp Nomad and Nomad Enterprise 1.5.13 up to 1.6.6, and 1.7.3 template renderer is vulnerable to arbitrary file write on the host as the Nomad client user through symlink a... |
7.5 | 2024-02-08 | CVE-2024-23660 | cve | The Binance Trust Wallet app for iOS in commit 3cd6e8f647fbba8b5d8844fcd144365a086b629f, git tag 0.0.4 misuses the trezor-crypto library and consequently generates mnemonic word... |
7.5 | 2024-02-08 | CVE-2024-23756 | cve | The HTTP PUT and DELETE methods are enabled in the Plone official Docker version 5.2.13 (5221), allowing unauthenticated attackers to execute dangerous actions such as uploading... |
7.8 | 2024-02-08 | CVE-2023-25365 | cve | Cross Site Scripting vulnerability found in October CMS v.3.2.0 allows local attacker to execute arbitrary code via the file type .mp3 |
8.8 | 2024-02-08 | CVE-2023-27001 | cve | An issue discovered in Egerie Risk Manager v4.0.5 allows attackers to bypass the signature mechanism and tamper with the values inside the JWT payload resulting in privilege esc... |
8.8 | 2024-02-08 | CVE-2023-40265 | cve | An issue was discovered in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42 P911. It allows authenticated remote code execution via file upload. |
Page(s) : 1 ... 16 17 18 19 20 21 22 23 24 25 [26] 27 28 29 30 31 32 33 34 35 36 ... | Result(s) : 89820 |