| Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ... | Result(s) : 325720 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-07-03 | CVE-2025-1710 | cve | The maxView Storage Manager does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it susceptible to brute-f... |
| N/A | 2025-07-03 | CVE-2025-1711 | cve | Multiple services of the DUT as well as different scopes of the same service reuse the same credentials. |
| N/A | 2025-07-03 | CVE-2025-27447 | cve | The web application is susceptible to cross-site-scripting attacks. An attacker can create a prepared URL, which injects JavaScript code into the website. The code is executed i... |
| N/A | 2025-07-03 | CVE-2025-27448 | cve | The web application is susceptible to cross-site-scripting attacks. An attacker who can create new dashboards can inject JavaScript code into the dashboard name which will be ex... |
| N/A | 2025-07-03 | CVE-2025-27449 | cve | The MEAC300-FNADE4 does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it susceptible to brute-force atta... |
| N/A | 2025-07-03 | CVE-2025-27450 | cve | The Secure attribute is missing on multiple cookies provided by the MEAC300-FNADE4. An attacker can trick a user to establish an unencrypted HTTP connection to the server and in... |
| N/A | 2025-07-03 | CVE-2025-27451 | cve | For failed login attempts, the application returns different error messages depending on whether the login failed due to an incorrect password or a non-existing username. This a... |
| N/A | 2025-07-03 | CVE-2025-27452 | cve | The configuration of the Apache httpd webserver which serves the MEAC300-FNADE4 web application, is partly insecure. There are modules activated that are not required for the op... |
| N/A | 2025-07-03 | CVE-2025-27453 | cve | The HttpOnly flag is set to false on the PHPSESSION cookie. Therefore, the cookie can be accessed by other sources such as JavaScript. |
| N/A | 2025-07-03 | CVE-2025-27454 | cve | The application is vulnerable to cross-site request forgery. An attacker can trick a valid, logged in user into submitting a web request that they did not intend. The request us... |
| N/A | 2025-07-03 | CVE-2025-27455 | cve | The web application is vulnerable to clickjacking attacks. The site can be embedded into another frame, allowing an attacker to trick a user into clicking on something different... |
| N/A | 2025-07-03 | CVE-2025-27456 | cve | The SMB server's login mechanism does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it susceptible ... |
| N/A | 2025-07-03 | CVE-2025-27457 | cve | All communication between the VNC server and client(s) is unencrypted. This allows an attacker to intercept the traffic and obtain sensitive data. |
| N/A | 2025-07-03 | CVE-2025-27458 | cve | The VNC authentication mechanism bases on a challenge-response system where both server and client use the same password for encryption. The challenge is sent from the server to... |
| N/A | 2025-07-03 | CVE-2025-27459 | cve | The VNC application stores its passwords encrypted within the registry but uses DES for encryption. As DES is broken, the original passwords can be recovered. |
| N/A | 2025-07-03 | CVE-2025-27460 | cve | The hard drives of the device are not encrypted using a full volume encryption feature such as BitLocker. This allows an attacker with physical access to the device to use an al... |
| N/A | 2025-07-03 | CVE-2025-27461 | cve | During startup, the device automatically logs in the EPC2 Windows user without requesting a password. |
| 6.4 | 2025-07-03 | CVE-2025-2540 | cve | Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled prettyPhoto library (version 3.1.6) in various versions due to insuffi... |
| N/A | 2025-07-03 | CVE-2025-40722 | cve | Stored Cross-Site Scripting (XSS) vulnerability in versions prior to Flatboard 3.2.2 of Flatboard Pro, consisting of a stored XSS due to lack of proper validation of user input,... |
| N/A | 2025-07-03 | CVE-2025-40723 | cve | Stored Cross-Site Scripting (XSS) vulnerability in versions prior to Flatboard 3.2.2 of Flatboard Pro, consisting of a stored XSS due to lack of proper validation of user input,... |
| Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ... | Result(s) : 325720 |
