| Page(s) : 1 ... 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 [1096] 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 ... | Result(s) : 301191 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-01-28 | CVE-2025-0781 | cve | An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level. |
| N/A | 2025-01-28 | CVE-2024-13484 | cve | A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the n... |
| 6.5 | 2025-01-28 | CVE-2025-23053 | cve | A privilege escalation vulnerability exists in the web-based management interface of HPE Aruba Networking Fabric Composer. Successful exploitation could allow an authenticated l... |
| 6.5 | 2025-01-28 | CVE-2025-23054 | cve | A vulnerability in the web-based management interface of HPE Aruba Networking Fabric Composer could allow an authenticated low privilege operator user to perform operations not ... |
| 5.4 | 2025-01-28 | CVE-2025-23055 | cve | A vulnerability in the web management interface of HPE Aruba Networking Fabric Composer could allow an authenticated remote attacker to conduct a stored cross-site scripting (XS... |
| 5.4 | 2025-01-28 | CVE-2025-23056 | cve | A vulnerability in the web management interface of HPE Aruba Networking Fabric Composer could allow an authenticated remote attacker to conduct a stored cross-site scripting (XS... |
| 5.4 | 2025-01-28 | CVE-2025-23057 | cve | A vulnerability in the web management interface of HPE Aruba Networking Fabric Composer could allow an authenticated remote attacker to conduct a stored cross-site scripting (XS... |
| N/A | 2025-01-28 | CVE-2025-0065 | cve | Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unpriv... |
| N/A | 2025-01-28 | CVE-2024-11954 | cve | A vulnerability classified as problematic was found in Pimcore 11.4.2. Affected by this vulnerability is an unknown functionality of the component Search Document. The manipulat... |
| 4.7 | 2025-01-28 | CVE-2024-11956 | cve | A vulnerability, which was classified as critical, has been found in Pimcore customer-data-framework up to 4.2.0. Affected by this issue is some unknown functionality of the fil... |
| N/A | 2025-01-28 | CVE-2024-6351 | cve | A malformed packet can cause a buffer overflow in the NWK/APS layer of the Ember ZNet stack and lead to an assert |
| N/A | 2025-01-28 | CVE-2024-12723 | cve | The Infility Global WordPress plugin through 2.9.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting wh... |
| N/A | 2025-01-28 | CVE-2024-12807 | cve | The Social Share Buttons for WordPress plugin through 2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stor... |
| 9.8 | 2025-01-28 | CVE-2024-13448 | cve | The ThemeREX Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'trx_addons_uploads_save_data' function in ... |
| 6.1 | 2025-01-28 | CVE-2024-13509 | cve | The WS Form LITE – Drag & Drop Contact Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the url parameter in all versions up to, ... |
| 5.4 | 2025-01-28 | CVE-2024-13521 | cve | The MailUp Auto Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect no... |
| 5.4 | 2025-01-28 | CVE-2025-0321 | cve | The ElementsKit Pro plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 3.7.8 due to insuff... |
| 5.4 | 2025-01-28 | CVE-2024-13527 | cve | The Philantro – Donations and Donor Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes like 'donate' in all ... |
| N/A | 2025-01-28 | CVE-2024-23953 | cve | Use of Arrays.equals() in LlapSignerImpl in Apache Hive to compare message signatures allows attacker to forge a valid signature for an arbitrary message byte by byte. The attac... |
| N/A | 2025-01-28 | CVE-2025-0290 | cve | An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to 17.5.5, from 17.6 prior to 17.6.3, and from 17.7 prior to 17.7.1. Under certain c... |
| Page(s) : 1 ... 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 [1096] 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 ... | Result(s) : 301191 |
