Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 [1096] 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 ... Result(s) : 301176

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
5.4 2025-01-28 CVE-2024-13521 cve The MailUp Auto Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect no...
5.4 2025-01-28 CVE-2025-0321 cve The ElementsKit Pro plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 3.7.8 due to insuff...
5.4 2025-01-28 CVE-2024-13527 cve The Philantro – Donations and Donor Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes like 'donate' in all ...
N/A 2025-01-28 CVE-2024-23953 cve Use of Arrays.equals() in LlapSignerImpl in Apache Hive to compare message signatures allows attacker to forge a valid signature for an arbitrary message byte by byte. The attac...
N/A 2025-01-28 CVE-2025-0290 cve An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to 17.5.5, from 17.6 prior to 17.6.3, and from 17.7 prior to 17.7.1. Under certain c...
N/A 2025-01-28 CVE-2025-0736 cve A flaw was found in Infinispan, when using JGroups with JDBC_PING. This issue occurs when an application inadvertently exposes sensitive information, such as configuration detai...
N/A 2025-01-28 CVE-2025-0750 cve A vulnerability was found in CRI-O. A path traversal issue in the log management functions (UnMountPodLogs and LinkContainerLogs) may allow an attacker with permissions to creat...
6.3 2025-01-28 CVE-2025-0752 cve A flaw was found in OpenShift Service Mesh 2.6.3 and 2.5.6. Rate-limiter avoidance, access-control bypass, CPU and memory exhaustion, and replay attacks may be possible due to i...
4.3 2025-01-28 CVE-2025-0754 cve The vulnerability was found in OpenShift Service Mesh 2.6.3 and 2.5.6. This issue occurs due to improper sanitization of HTTP headers by Envoy, particularly the x-forwarded-for ...
N/A 2025-01-28 CVE-2022-3365 cve Due to reliance on a trivial substitution cipher, sent in cleartext, and the reliance on a default password when the user does not set a password, the Remote Mouse Server by Emo...
9.8 2025-01-28 CVE-2023-50316 cve IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, wh...
N/A 2025-01-28 CVE-2024-12647 cve Buffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the a...
N/A 2025-01-28 CVE-2024-12648 cve Buffer overflow in TIFF data EXIF tag processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the a...
N/A 2025-01-28 CVE-2024-12649 cve Buffer overflow in XPS data font processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affect...
5.3 2025-01-28 CVE-2024-27263 cve IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to obtain sensitive information from the dashboard UI using man...
4 2025-01-28 CVE-2024-22315 cve IBM Fusion and IBM Fusion HCI 2.3.0 through 2.8.2 is vulnerable to insecure network connection by allowing an attacker who gains access to a Fusion container to establish an ext...
N/A 2025-01-28 CVE-2024-45336 cve The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com...
N/A 2025-01-28 CVE-2024-45339 cve When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link...
N/A 2025-01-28 CVE-2024-45340 cve Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. B...
N/A 2025-01-28 CVE-2024-45341 cve A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URI...
Page(s) : 1 ... 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 [1096] 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 ... Result(s) : 301176