Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 [1131] 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 ... Result(s) : 301290

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
N/A 2025-01-23 CVE-2025-23724 cve Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oleksandr Ustymenko University Quizzes Online allows Reflected XS...
N/A 2025-01-23 CVE-2025-23725 cve Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TaskMeister Accessibility Task Manager allows Reflected XSS. This...
N/A 2025-01-23 CVE-2025-23727 cve Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound AZ Content Finder allows Reflected XSS. This issue affec...
N/A 2025-01-23 CVE-2025-23729 cve Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fures XTRA Settings allows Reflected XSS. This issue affects XTRA...
N/A 2025-01-23 CVE-2025-23730 cve Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound FLX Dashboard Groups allows Reflected XSS. This issue af...
N/A 2025-01-23 CVE-2025-23733 cve Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sayocode SC Simple Zazzle allows Reflected XSS. This issue affect...
N/A 2025-01-23 CVE-2025-23834 cve Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Links/Problem Reporter allows Reflected XSS. This issue ...
N/A 2025-01-23 CVE-2025-23835 cve Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Legal + allows Reflected XSS. This issue affects Legal +...
N/A 2025-01-23 CVE-2025-23836 cve Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SuryaBhan Custom Coming Soon allows Reflected XSS. This issue aff...
N/A 2025-01-23 CVE-2025-23894 cve Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tatsuya Fukata, Alexander Ovsov wp-flickr-press allows Reflected ...
N/A 2025-01-23 CVE-2025-23960 cve Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in basteln3rk Save & Import Image from URL allows Reflected XSS. Thi...
N/A 2025-01-23 CVE-2024-11147 cve ECOVACS robot lawnmowers and vacuums use a deterministic root password generated based on model and serial number. An attacker with shell access can login as root.
N/A 2025-01-23 CVE-2024-12078 cve ECOVACS robot lawn mowers and vacuums use a shared, static secret key to encrypt BLE GATT messages. An unauthenticated attacker within BLE range can control any robot using the ...
N/A 2025-01-23 CVE-2024-12079 cve ECOVACS robot lawnmowers store the anti-theft PIN in cleartext on the device filesystem. An attacker can steal a lawnmower, read the PIN, and reset the anti-theft mechanism.
N/A 2025-01-23 CVE-2024-52327 cve The cloud service used by ECOVACS robot lawnmowers and vacuums allows authenticated attackers to bypass the PIN entry required to access the live video feed.
N/A 2025-01-23 CVE-2024-52328 cve ECOVACS robot lawnmowers and vacuums insecurely store audio files used to indicate that the camera is on. An attacker with access to the /data filesystem can delete or modify wa...
N/A 2025-01-23 CVE-2024-52329 cve ECOVACS HOME mobile app plugins for specific robots do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic and obtain authenticati...
N/A 2025-01-23 CVE-2024-52330 cve ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic, possibly modifying firmware updates.
N/A 2025-01-23 CVE-2024-52331 cve ECOVACS robot lawnmowers and vacuums use a deterministic symmetric key to decrypt firmware updates. An attacker can create and encrypt malicious firmware that will be successful...
N/A 2025-01-23 CVE-2024-55925 cve In Xerox Workplace Suite, an API restricted to specific hosts can be bypassed by manipulating the Host header. If the server improperly validates or trusts the Host header witho...
Page(s) : 1 ... 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 [1131] 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 ... Result(s) : 301290