| Page(s) : 1 ... 93 94 95 96 97 98 99 100 101 102 [103] 104 105 106 107 108 109 110 111 112 113 ... | Result(s) : 114980 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 6.1 | 2025-03-20 | CVE-2024-9900 | cve | mudler/localai version v2.21.1 contains a Cross-Site Scripting (XSS) vulnerability in its search functionality. The vulnerability arises due to improper sanitization of user inp... |
| 5.4 | 2025-03-20 | CVE-2025-0281 | cve | A stored cross-site scripting (XSS) vulnerability exists in lunary-ai/lunary versions 1.6.7 and earlier. An attacker can inject malicious JavaScript into the SAML IdP XML metada... |
| 5.5 | 2025-03-20 | CVE-2025-1474 | cve | In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password. This vulnerability could lead to security risks, as accounts without pas... |
| 6.1 | 2025-03-19 | CVE-2024-55009 | cve | A reflected cross-site scripting (XSS) vulnerability in AutoBib - Bibliographic collection management system 3.1.140 and earlier allows attackers to execute arbitrary Javascript... |
| 5.8 | 2025-03-19 | CVE-2025-23382 | cve | Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, contain(s) an Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability. A... |
| 5.5 | 2025-03-19 | CVE-2025-26475 | cve | Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, Enables Live-Restore setting which enhances security by keeping containers running during daemon restarts... |
| 5.4 | 2025-03-19 | CVE-2024-53967 | cve | Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code in th... |
| 5.4 | 2025-03-19 | CVE-2024-53968 | cve | Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code in th... |
| 5.4 | 2025-03-19 | CVE-2024-53969 | cve | Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code in th... |
| 5.4 | 2025-03-19 | CVE-2024-53970 | cve | Adobe Experience Manager versions 6.5.21 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to injec... |
| 4.3 | 2025-03-19 | CVE-2024-25132 | cve | A flaw was found in the Hive hibernation controller component of OpenShift Dedicated. The ClusterDeployment.hive.openshift.io/v1 resource can be created with the spec.installed ... |
| 5.3 | 2025-03-19 | CVE-2025-29925 | cve | XWiki Platform is a generic wiki platform. Prior to 15.10.14, 16.4.6, and 16.10.0-rc-1, protected pages are listed when requesting the REST endpoints /rest/wikis/[wikiName]/page... |
| 4.3 | 2025-03-19 | CVE-2024-7631 | cve | A flaw was found in the OpenShift Console, an endpoint for plugins to serve resources in multiple languages: /locales/resources.json. This endpoint's lng and ns parameters ... |
| 4.7 | 2025-03-19 | CVE-2024-45644 | cve | IBM Security ReaQta 3.12 allows a privileged user to upload or transfer files of dangerous types that can be automatically processed within the product's environment. |
| 4.9 | 2025-03-19 | CVE-2025-2511 | cve | The AHAthat Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the 'id' parameter in all versions up to, and including, 1.6 due to insufficient ... |
| 5.3 | 2025-03-19 | CVE-2025-2290 | cve | The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to Unauthenticated Post Trashing due to a missing capability check on the dele... |
| 4.1 | 2025-03-18 | CVE-2024-49822 | cve | IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the syste... |
| 5.3 | 2025-03-18 | CVE-2024-41975 | cve | An unauthenticated remote attacker can gain limited information of the PLC network but the user management of the PLCs prevents the actual access to the PLCs. |
| 6.6 | 2025-03-18 | CVE-2025-0694 | cve | Insufficient path validation in CODESYS Control allows low privileged attackers with physical access to gain full filesystem access. |
| 5.4 | 2025-03-17 | CVE-2025-26393 | cve | SolarWinds Service Desk is affected by a broken access control vulnerability. The issue allows authenticated users to escalate privileges, leading to unauthorized data manipulat... |
| Page(s) : 1 ... 93 94 95 96 97 98 99 100 101 102 [103] 104 105 106 107 108 109 110 111 112 113 ... | Result(s) : 114980 |
