Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : [1] 2 3 4 5 6 7 8 9 10 11 ... Result(s) : 241934

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
N/A 2024-03-18 CVE-2024-25654 cve Insecure permissions for log files of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allow members (with local access to the UMP application server) to access cred...
N/A 2024-03-18 CVE-2024-25655 cve Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allows members (with read access to the ap...
N/A 2024-03-18 CVE-2024-25656 cve Improper input validation in AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS can result in unauthenticated CPE (Customer Premises Equipment) devices storing arbitra...
N/A 2024-03-18 CVE-2024-25657 cve An open redirect in the Login/Logout functionality of web management in AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS could allow attackers to redirect authentica...
N/A 2024-03-18 CVE-2024-22412 cve ClickHouse is an open-source column-oriented database management system. A bug exists in the cloud ClickHouse offering prior to version 24.0.2.54535 and in github.com/clickhouse...
N/A 2024-03-18 CVE-2024-23333 cve LDAP Account Manager (LAM) is a webfrontend for managing entries stored in an LDAP directory. LAM's log configuration allows to specify arbitrary paths for log files. Prior...
N/A 2024-03-18 CVE-2024-2604 cve A vulnerability was found in SourceCodester File Manager App 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/update-file.php...
N/A 2024-03-18 CVE-2024-1331 cve The Team Members WordPress plugin before 5.3.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is em...
N/A 2024-03-18 CVE-2024-1333 cve The Responsive Pricing Table WordPress plugin before 5.1.11 does not validate and escape some of its Pricing Table options before outputting them back in a page/post where the r...
N/A 2024-03-18 CVE-2024-1658 cve The Grid Shortcodes WordPress plugin before 1.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is...
7.8 2024-03-18 CVE-2024-20752 cve Bridge versions 13.0.5, 14.0.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Explo...
7.8 2024-03-18 CVE-2024-20755 cve Bridge versions 13.0.5, 14.0.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current...
7.8 2024-03-18 CVE-2024-20756 cve Bridge versions 13.0.5, 14.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user....
5.5 2024-03-18 CVE-2024-20757 cve Bridge versions 13.0.5, 14.0.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this...
N/A 2024-03-18 CVE-2024-27930 cve GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can access sen...
N/A 2024-03-18 CVE-2024-27937 cve GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can obtain the...
N/A 2024-03-18 CVE-2024-2050 cve CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability exists when an attacker injects then executes arbitrary malicious Jav...
N/A 2024-03-18 CVE-2024-2051 cve CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover and unauthorized access to the system when an attacker...
N/A 2024-03-18 CVE-2024-2052 cve CWE-552: Files or Directories Accessible to External Parties vulnerability exists that could allow unauthenticated files and logs exfiltration and download of files when an att...
N/A 2024-03-18 CVE-2024-2229 cve CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code execution when a malicious project file is loaded into the application by a valid u...
Page(s) : [1] 2 3 4 5 6 7 8 9 10 11 ... Result(s) : 241934