| Page(s) : 1 ... 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 [1096] 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 ... | Result(s) : 301176 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.4 | 2025-01-28 | CVE-2024-13521 | cve | The MailUp Auto Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect no... |
| 5.4 | 2025-01-28 | CVE-2025-0321 | cve | The ElementsKit Pro plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 3.7.8 due to insuff... |
| 5.4 | 2025-01-28 | CVE-2024-13527 | cve | The Philantro – Donations and Donor Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes like 'donate' in all ... |
| N/A | 2025-01-28 | CVE-2024-23953 | cve | Use of Arrays.equals() in LlapSignerImpl in Apache Hive to compare message signatures allows attacker to forge a valid signature for an arbitrary message byte by byte. The attac... |
| N/A | 2025-01-28 | CVE-2025-0290 | cve | An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to 17.5.5, from 17.6 prior to 17.6.3, and from 17.7 prior to 17.7.1. Under certain c... |
| N/A | 2025-01-28 | CVE-2025-0736 | cve | A flaw was found in Infinispan, when using JGroups with JDBC_PING. This issue occurs when an application inadvertently exposes sensitive information, such as configuration detai... |
| N/A | 2025-01-28 | CVE-2025-0750 | cve | A vulnerability was found in CRI-O. A path traversal issue in the log management functions (UnMountPodLogs and LinkContainerLogs) may allow an attacker with permissions to creat... |
| 6.3 | 2025-01-28 | CVE-2025-0752 | cve | A flaw was found in OpenShift Service Mesh 2.6.3 and 2.5.6. Rate-limiter avoidance, access-control bypass, CPU and memory exhaustion, and replay attacks may be possible due to i... |
| 4.3 | 2025-01-28 | CVE-2025-0754 | cve | The vulnerability was found in OpenShift Service Mesh 2.6.3 and 2.5.6. This issue occurs due to improper sanitization of HTTP headers by Envoy, particularly the x-forwarded-for ... |
| N/A | 2025-01-28 | CVE-2022-3365 | cve | Due to reliance on a trivial substitution cipher, sent in cleartext, and the reliance on a default password when the user does not set a password, the Remote Mouse Server by Emo... |
| 9.8 | 2025-01-28 | CVE-2023-50316 | cve | IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, wh... |
| N/A | 2025-01-28 | CVE-2024-12647 | cve | Buffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the a... |
| N/A | 2025-01-28 | CVE-2024-12648 | cve | Buffer overflow in TIFF data EXIF tag processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the a... |
| N/A | 2025-01-28 | CVE-2024-12649 | cve | Buffer overflow in XPS data font processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affect... |
| 5.3 | 2025-01-28 | CVE-2024-27263 | cve | IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to obtain sensitive information from the dashboard UI using man... |
| 4 | 2025-01-28 | CVE-2024-22315 | cve | IBM Fusion and IBM Fusion HCI 2.3.0 through 2.8.2 is vulnerable to insecure network connection by allowing an attacker who gains access to a Fusion container to establish an ext... |
| N/A | 2025-01-28 | CVE-2024-45336 | cve | The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com... |
| N/A | 2025-01-28 | CVE-2024-45339 | cve | When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link... |
| N/A | 2025-01-28 | CVE-2024-45340 | cve | Credentials provided via the new GOAUTH feature were not being properly segmented by domain, allowing a malicious server to request credentials they should not have access to. B... |
| N/A | 2025-01-28 | CVE-2024-45341 | cve | A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain. Certificates containing URI... |
| Page(s) : 1 ... 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 [1096] 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 ... | Result(s) : 301176 |
