Page(s) : [1] 2 3 4 5 6 7 8 9 10 11 ... | Result(s) : 241934 |
Alerts
DATE | NAME | CATEGORIES | DETAIL | |
---|---|---|---|---|
N/A | 2024-03-18 | CVE-2024-25654 | cve | Insecure permissions for log files of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allow members (with local access to the UMP application server) to access cred... |
N/A | 2024-03-18 | CVE-2024-25655 | cve | Insecure storage of LDAP passwords in the authentication functionality of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allows members (with read access to the ap... |
N/A | 2024-03-18 | CVE-2024-25656 | cve | Improper input validation in AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS can result in unauthenticated CPE (Customer Premises Equipment) devices storing arbitra... |
N/A | 2024-03-18 | CVE-2024-25657 | cve | An open redirect in the Login/Logout functionality of web management in AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS could allow attackers to redirect authentica... |
N/A | 2024-03-18 | CVE-2024-22412 | cve | ClickHouse is an open-source column-oriented database management system. A bug exists in the cloud ClickHouse offering prior to version 24.0.2.54535 and in github.com/clickhouse... |
N/A | 2024-03-18 | CVE-2024-23333 | cve | LDAP Account Manager (LAM) is a webfrontend for managing entries stored in an LDAP directory. LAM's log configuration allows to specify arbitrary paths for log files. Prior... |
N/A | 2024-03-18 | CVE-2024-2604 | cve | A vulnerability was found in SourceCodester File Manager App 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/update-file.php... |
N/A | 2024-03-18 | CVE-2024-1331 | cve | The Team Members WordPress plugin before 5.3.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is em... |
N/A | 2024-03-18 | CVE-2024-1333 | cve | The Responsive Pricing Table WordPress plugin before 5.1.11 does not validate and escape some of its Pricing Table options before outputting them back in a page/post where the r... |
N/A | 2024-03-18 | CVE-2024-1658 | cve | The Grid Shortcodes WordPress plugin before 1.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is... |
7.8 | 2024-03-18 | CVE-2024-20752 | cve | Bridge versions 13.0.5, 14.0.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Explo... |
7.8 | 2024-03-18 | CVE-2024-20755 | cve | Bridge versions 13.0.5, 14.0.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current... |
7.8 | 2024-03-18 | CVE-2024-20756 | cve | Bridge versions 13.0.5, 14.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.... |
5.5 | 2024-03-18 | CVE-2024-20757 | cve | Bridge versions 13.0.5, 14.0.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this... |
N/A | 2024-03-18 | CVE-2024-27930 | cve | GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can access sen... |
N/A | 2024-03-18 | CVE-2024-27937 | cve | GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can obtain the... |
N/A | 2024-03-18 | CVE-2024-2050 | cve | CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability exists when an attacker injects then executes arbitrary malicious Jav... |
N/A | 2024-03-18 | CVE-2024-2051 | cve | CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover and unauthorized access to the system when an attacker... |
N/A | 2024-03-18 | CVE-2024-2052 | cve | CWE-552: Files or Directories Accessible to External Parties vulnerability exists that could allow unauthenticated files and logs exfiltration and download of files when an att... |
N/A | 2024-03-18 | CVE-2024-2229 | cve | CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code execution when a malicious project file is loaded into the application by a valid u... |
Page(s) : [1] 2 3 4 5 6 7 8 9 10 11 ... | Result(s) : 241934 |