| Page(s) : 1 ... 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 [1090] 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 ... | Result(s) : 327198 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 6.5 | 2025-02-04 | CVE-2024-13356 | cve | The DSGVO All in one for WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6. This is due to missing or incorrect nonce... |
| 6.1 | 2025-02-04 | CVE-2024-13510 | cve | The ShopSite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.10. This is due to missing or incorrect nonce validation ... |
| 6.5 | 2025-02-04 | CVE-2024-13529 | cve | The SocialV - Social Network and Community BuddyPress Theme theme for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'socia... |
| 5.4 | 2025-02-04 | CVE-2024-13733 | cve | The SKT Blocks – Gutenberg based Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's skt-blocks/post-carousel block in all versi... |
| 8.8 | 2025-02-04 | CVE-2024-40890 | cve | **UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the CGI program of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_2... |
| 8.8 | 2025-02-04 | CVE-2024-40891 | cve | **UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAF... |
| N/A | 2025-02-04 | CVE-2025-23015 | cve | Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. An user with MODIFY permission ON ALL KEYSPACES can escalate privileges to superuser within a targeted C... |
| 7.5 | 2025-02-04 | CVE-2025-22475 | cve | Dell PowerProtect DD, versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.10 contains a use of a Cryptographic Primitive with a Risky Implementation vulnerability. A remote at... |
| N/A | 2025-02-04 | CVE-2025-24982 | cve | Cross-site request forgery vulnerability exists in Activity Log WinterLock versions prior to 1.2.5. If a user views a malicious page while logged in, the log data may be deleted. |
| N/A | 2025-02-04 | CVE-2025-1003 | cve | A potential vulnerability has been identified in HP Anyware Agent for Linux which might allow for authentication bypass which may result in escalation of privilege. HP is releas... |
| N/A | 2025-02-03 | CVE-2025-0148 | cve | Missing password field masking in the Zoom Jenkins Marketplace plugin before version 1.6 may allow an unauthenticated user to conduct a disclosure of information via adjacent ne... |
| N/A | 2025-02-03 | CVE-2024-12510 | cve | If LDAP settings are accessed, authentication could be redirected to another server, potentially exposing credentials. This requires admin access and an active LDAP setup. |
| 6.1 | 2025-02-03 | CVE-2024-50656 | cve | itsourcecode Placement Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Full Name field in registration.php. |
| N/A | 2025-02-03 | CVE-2024-57004 | cve | Cross-Site Scripting (XSS) vulnerability in Roundcube Webmail 1.6.9 allows remote authenticated users to upload a malicious file as an email attachment, leading to the triggerin... |
| N/A | 2025-02-03 | CVE-2024-57237 | cve | Prolink 4G LTE Mobile Wi-Fi DL-7203E V4.0.0B05 is vulnerable to Cross Site Scripting (XSS) in the /reqproc/proc_get endpoint. The vulnerability arises because the cmd parameter ... |
| N/A | 2025-02-03 | CVE-2024-57238 | cve | Prolink 4G LTE Mobile Wi-Fi DL-7203E V4.0.0B05 is vulnerable to SQL Injection in in the /reqproc/proc_get endpoint. The vulnerability allows an attacker to manipulate SQL querie... |
| 5.4 | 2025-02-03 | CVE-2024-11132 | cve | The Eventer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.9.9 due to insufficient input sanitization and o... |
| 5.3 | 2025-02-03 | CVE-2024-11133 | cve | The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handle_pdf_download_request' function in all ve... |
| 6.5 | 2025-02-03 | CVE-2024-11134 | cve | The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eventer_export_bookings_csv' function in all ve... |
| N/A | 2025-02-03 | CVE-2024-12511 | cve | With address book access, SMB/FTP settings could be modified, redirecting scans and possibly capturing credentials. This requires enabled scan functions and printer access. |
| Page(s) : 1 ... 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 [1090] 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 ... | Result(s) : 327198 |
