| Page(s) : 1 ... 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 [1085] 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 ... | Result(s) : 327161 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.4 | 2025-02-04 | CVE-2024-13699 | cve | The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘cursor’ parameter in all versions up to, and including, 1.8.7 due to insuf... |
| N/A | 2025-02-04 | CVE-2024-11623 | cve | Authentik project is vulnerable to Stored XSS attacks through uploading crafted SVG files that are used as application icons. This action could only be performed by an authenti... |
| 6.5 | 2025-02-04 | CVE-2025-0510 | cve | Thunderbird displayed an incorrect sender address if the From field of an email used the invalid group name syntax that is described in CVE-2024-49040. This vulnerability affect... |
| 9.8 | 2025-02-04 | CVE-2025-1009 | cve | An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20,... |
| 8.8 | 2025-02-04 | CVE-2025-1010 | cve | An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < ... |
| 8.8 | 2025-02-04 | CVE-2025-1011 | cve | A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. This vulnerability affects... |
| 7.5 | 2025-02-04 | CVE-2025-1012 | cve | A race during concurrent delazification could have led to a use-after-free. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 12... |
| N/A | 2025-02-04 | CVE-2025-1013 | cve | A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak. This vulnerability affect... |
| 8.8 | 2025-02-04 | CVE-2025-1014 | cve | Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed. This vulnerability affects Firefox < 135, Firefox ESR... |
| 5.4 | 2025-02-04 | CVE-2025-1015 | cve | The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a f... |
| 9.8 | 2025-02-04 | CVE-2025-1016 | cve | Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. Some of these bugs showed evidence ... |
| 9.8 | 2025-02-04 | CVE-2025-1017 | cve | Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that... |
| 5.3 | 2025-02-04 | CVE-2025-1018 | cve | The fullscreen notification is prematurely hidden when fullscreen is re-requested quickly by the user. This could have been leveraged to perform a potential spoofing attack. Thi... |
| 4.3 | 2025-02-04 | CVE-2025-1019 | cve | The z-order of the browser windows could be manipulated to hide the fullscreen notification. This could potentially be leveraged to perform a spoofing attack. This vulnerability... |
| 9.8 | 2025-02-04 | CVE-2025-1020 | cve | Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could... |
| N/A | 2025-02-04 | CVE-2024-13114 | cve | The WP Projects Portfolio with Client Testimonials WordPress plugin through 3.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Refl... |
| N/A | 2025-02-04 | CVE-2024-13115 | cve | The WP Projects Portfolio with Client Testimonials WordPress plugin through 3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which c... |
| N/A | 2025-02-04 | CVE-2024-13325 | cve | The Glossy WordPress plugin through 2.3.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could... |
| N/A | 2025-02-04 | CVE-2024-13326 | cve | The iBuildApp WordPress plugin through 0.2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which co... |
| N/A | 2025-02-04 | CVE-2024-13327 | cve | The Musicbox WordPress plugin through 2.0.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which cou... |
| Page(s) : 1 ... 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 [1085] 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 ... | Result(s) : 327161 |
