| Page(s) : 1 ... 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 [1131] 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 ... | Result(s) : 301290 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-01-23 | CVE-2025-23724 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oleksandr Ustymenko University Quizzes Online allows Reflected XS... |
| N/A | 2025-01-23 | CVE-2025-23725 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TaskMeister Accessibility Task Manager allows Reflected XSS. This... |
| N/A | 2025-01-23 | CVE-2025-23727 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound AZ Content Finder allows Reflected XSS. This issue affec... |
| N/A | 2025-01-23 | CVE-2025-23729 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fures XTRA Settings allows Reflected XSS. This issue affects XTRA... |
| N/A | 2025-01-23 | CVE-2025-23730 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound FLX Dashboard Groups allows Reflected XSS. This issue af... |
| N/A | 2025-01-23 | CVE-2025-23733 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sayocode SC Simple Zazzle allows Reflected XSS. This issue affect... |
| N/A | 2025-01-23 | CVE-2025-23834 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Links/Problem Reporter allows Reflected XSS. This issue ... |
| N/A | 2025-01-23 | CVE-2025-23835 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Legal + allows Reflected XSS. This issue affects Legal +... |
| N/A | 2025-01-23 | CVE-2025-23836 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SuryaBhan Custom Coming Soon allows Reflected XSS. This issue aff... |
| N/A | 2025-01-23 | CVE-2025-23894 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tatsuya Fukata, Alexander Ovsov wp-flickr-press allows Reflected ... |
| N/A | 2025-01-23 | CVE-2025-23960 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in basteln3rk Save & Import Image from URL allows Reflected XSS. Thi... |
| N/A | 2025-01-23 | CVE-2024-11147 | cve | ECOVACS robot lawnmowers and vacuums use a deterministic root password generated based on model and serial number. An attacker with shell access can login as root. |
| N/A | 2025-01-23 | CVE-2024-12078 | cve | ECOVACS robot lawn mowers and vacuums use a shared, static secret key to encrypt BLE GATT messages. An unauthenticated attacker within BLE range can control any robot using the ... |
| N/A | 2025-01-23 | CVE-2024-12079 | cve | ECOVACS robot lawnmowers store the anti-theft PIN in cleartext on the device filesystem. An attacker can steal a lawnmower, read the PIN, and reset the anti-theft mechanism. |
| N/A | 2025-01-23 | CVE-2024-52327 | cve | The cloud service used by ECOVACS robot lawnmowers and vacuums allows authenticated attackers to bypass the PIN entry required to access the live video feed. |
| N/A | 2025-01-23 | CVE-2024-52328 | cve | ECOVACS robot lawnmowers and vacuums insecurely store audio files used to indicate that the camera is on. An attacker with access to the /data filesystem can delete or modify wa... |
| N/A | 2025-01-23 | CVE-2024-52329 | cve | ECOVACS HOME mobile app plugins for specific robots do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic and obtain authenticati... |
| N/A | 2025-01-23 | CVE-2024-52330 | cve | ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic, possibly modifying firmware updates. |
| N/A | 2025-01-23 | CVE-2024-52331 | cve | ECOVACS robot lawnmowers and vacuums use a deterministic symmetric key to decrypt firmware updates. An attacker can create and encrypt malicious firmware that will be successful... |
| N/A | 2025-01-23 | CVE-2024-55925 | cve | In Xerox Workplace Suite, an API restricted to specific hosts can be bypassed by manipulating the Host header. If the server improperly validates or trusts the Host header witho... |
| Page(s) : 1 ... 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 [1131] 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 ... | Result(s) : 301290 |
