| Page(s) : 1 ... 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 [1047] 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 ... | Result(s) : 300883 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-02-04 | CVE-2025-20906 | cve | Improper Export of Android Application Components in Settings prior to SMR Feb-2025 Release 1 allows local attackers to enable ADB. |
| 4.4 | 2025-02-04 | CVE-2025-20907 | cve | Improper privilege management in Samsung Find prior to SMR Feb-2025 Release 1 allows local privileged attackers to disable Samsung Find. |
| N/A | 2025-02-04 | CVE-2025-22204 | cve | Improper control of generation of code in the sourcerer extension for Joomla in versions before 11.0.0 lead to a remote code execution vulnerability. |
| N/A | 2025-02-04 | CVE-2025-22205 | cve | Improper handling of input variables lead to multiple path traversal vulnerabilities in the Admiror Gallery extension for Joomla in version branch 4.x. |
| 6.4 | 2025-02-04 | CVE-2024-13403 | cve | The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘fieldHTM... |
| 6.5 | 2025-02-04 | CVE-2024-13356 | cve | The DSGVO All in one for WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6. This is due to missing or incorrect nonce... |
| 6.1 | 2025-02-04 | CVE-2024-13510 | cve | The ShopSite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.10. This is due to missing or incorrect nonce validation ... |
| 6.5 | 2025-02-04 | CVE-2024-13529 | cve | The SocialV - Social Network and Community BuddyPress Theme theme for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'socia... |
| 5.4 | 2025-02-04 | CVE-2024-13733 | cve | The SKT Blocks – Gutenberg based Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's skt-blocks/post-carousel block in all versi... |
| 8.8 | 2025-02-04 | CVE-2024-40890 | cve | **UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the CGI program of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_2... |
| 8.8 | 2025-02-04 | CVE-2024-40891 | cve | **UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAF... |
| N/A | 2025-02-04 | CVE-2025-23015 | cve | Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. An user with MODIFY permission ON ALL KEYSPACES can escalate privileges to superuser within a targeted C... |
| 7.5 | 2025-02-04 | CVE-2025-22475 | cve | Dell PowerProtect DD, versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.10 contains a use of a Cryptographic Primitive with a Risky Implementation vulnerability. A remote at... |
| N/A | 2025-02-04 | CVE-2025-24982 | cve | Cross-site request forgery vulnerability exists in Activity Log WinterLock versions prior to 1.2.5. If a user views a malicious page while logged in, the log data may be deleted. |
| N/A | 2025-02-04 | CVE-2025-1003 | cve | A potential vulnerability has been identified in HP Anyware Agent for Linux which might allow for authentication bypass which may result in escalation of privilege. HP is releas... |
| N/A | 2025-02-03 | CVE-2025-0148 | cve | Missing password field masking in the Zoom Jenkins Marketplace plugin before version 1.6 may allow an unauthenticated user to conduct a disclosure of information via adjacent ne... |
| N/A | 2025-02-03 | CVE-2024-12510 | cve | If LDAP settings are accessed, authentication could be redirected to another server, potentially exposing credentials. This requires admin access and an active LDAP setup. |
| 6.1 | 2025-02-03 | CVE-2024-50656 | cve | itsourcecode Placement Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Full Name field in registration.php. |
| N/A | 2025-02-03 | CVE-2024-57004 | cve | Cross-Site Scripting (XSS) vulnerability in Roundcube Webmail 1.6.9 allows remote authenticated users to upload a malicious file as an email attachment, leading to the triggerin... |
| N/A | 2025-02-03 | CVE-2024-57237 | cve | Prolink 4G LTE Mobile Wi-Fi DL-7203E V4.0.0B05 is vulnerable to Cross Site Scripting (XSS) in the /reqproc/proc_get endpoint. The vulnerability arises because the cmd parameter ... |
| Page(s) : 1 ... 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 [1047] 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 ... | Result(s) : 300883 |
