Page(s) : 1 2 3 4 5 6 7 8 9 [10] 11 12 13 14 15 16 17 18 19 20 ... | Result(s) : 297997 |
Alerts
| | DATE | NAME | CATEGORIES | DETAIL |
---|---|---|---|---|
N/A | 2025-06-12 | CVE-2025-27689 | cve | Dell iDRAC Tools, version(s) prior to 11.3.0.0, contain(s) an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this v... |
N/A | 2025-06-12 | CVE-2025-44091 | cve | yangyouwang crud v1.0.0 is vulnerable to Cross Site Scripting (XSS) via the role management function. |
N/A | 2025-06-12 | CVE-2025-49589 | cve | PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. A stack-based buffer overflow exists in the Kprintf_HLE function of PCSX2 versions up to 2.3.414. Opening a disc im... |
N/A | 2025-06-12 | CVE-2024-9512 | cve | An issue has been discovered in GitLab EE affecting all versions prior to 17.10.8, 17.11 prior to 17.11.4, and 18.0 prior to 18.0.2. It may have been possible for private reposi... |
N/A | 2025-06-12 | CVE-2025-49181 | cve | Due to missing authorization of an API endpoint, unauthorized users can send HTTP GET requests to gather sensitive information. An attacker could also send HTTP POST requests to... |
N/A | 2025-06-12 | CVE-2025-49182 | cve | Files in the source code contain login credentials for the admin user and the property configuration password, allowing an attacker to get full access to the application. |
N/A | 2025-06-12 | CVE-2025-49183 | cve | All communication with the REST API is unencrypted (HTTP), allowing an attacker to intercept traffic between an actor and the webserver. This leads to the possibility of informa... |
N/A | 2025-06-12 | CVE-2025-49184 | cve | A remote unauthorized attacker may gather sensitive information of the application, due to missing authorization of configuration settings of the product. |
N/A | 2025-06-12 | CVE-2025-49185 | cve | The web application is susceptible to cross-site-scripting attacks. An attacker who can create new dashboard widgets can inject malicious JavaScript code into the Transform Func... |
N/A | 2025-06-12 | CVE-2025-49186 | cve | The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it susceptible to brute-force attacks. |
N/A | 2025-06-12 | CVE-2025-49187 | cve | For failed login attempts, the application returns different error messages depending on whether the login failed due to an incorrect password or a non-existing username. This a... |
N/A | 2025-06-12 | CVE-2025-49188 | cve | The application sends user credentials as URL parameters instead of POST bodies, making it vulnerable to information gathering. |
N/A | 2025-06-12 | CVE-2025-49189 | cve | The HttpOnly flag of the session cookie "@@" is set to false. Since this flag helps prevent access to cookies via client-side scripts, setting the flag to false can lead to ... |
N/A | 2025-06-12 | CVE-2025-49190 | cve | The application is vulnerable to Server-Side Request Forgery (SSRF). An endpoint can be used to send server internal requests to other ports. |
N/A | 2025-06-12 | CVE-2025-49191 | cve | Linked URLs during the creation of iFrame widgets and dashboards are vulnerable to code execution. The URLs get embedded as iFrame widgets, making it possible to attack other us... |
N/A | 2025-06-12 | CVE-2024-56158 | cve | XWiki is a generic wiki platform. It's possible to execute any SQL query in Oracle by using a function like DBMS_XMLGEN or DBMS_XMLQUERY. The XWiki query validator does n... |
N/A | 2025-06-12 | CVE-2025-49192 | cve | The web application is vulnerable to clickjacking attacks. The site can be embedded into another frame, allowing an attacker to trick a user into clicking on something different... |
N/A | 2025-06-12 | CVE-2025-49193 | cve | The application fails to implement several security headers. These headers help increase the overall security level of the web application by e.g., preventing the application to... |
N/A | 2025-06-12 | CVE-2025-49194 | cve | The server supports authentication methods in which credentials are sent in plaintext over unencrypted channels. If an attacker were to intercept traffic between a client and th... |
N/A | 2025-06-12 | CVE-2025-49195 | cve | The FTP server’s login mechanism does not restrict authentication attempts, allowing an attacker to brute-force user passwords and potentially compromising the FTP server. |