Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 [1132] 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 ... Result(s) : 301290

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
N/A 2025-01-23 CVE-2025-0650 cve A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical sw...
6 2025-01-23 CVE-2024-45672 cve IBM Security Verify Bridge 1.0.0 through 1.0.15 could allow a local privileged user to overwrite files due to excessive privileges granted to the agent. which could also cause a...
N/A 2025-01-23 CVE-2024-55926 cve A vulnerability found in Xerox Workplace Suite allows arbitrary file read, upload, and deletion on the server through crafted header manipulation. By exploiting improper validat...
N/A 2025-01-23 CVE-2024-55927 cve A vulnerability in Xerox Workplace Suite arises from flawed token generation and the use of hard-coded keys. These weaknesses allow attackers to predict or forge tokens, leading...
N/A 2025-01-23 CVE-2024-55928 cve Xerox Workplace Suite exposes sensitive secrets in clear text, both locally and remotely. This vulnerability allows attackers to intercept or access secrets without encryption
N/A 2025-01-23 CVE-2024-55929 cve A mail spoofing vulnerability in Xerox Workplace Suite allows attackers to forge email headers, making it appear as though messages are sent from trusted sources.
N/A 2025-01-23 CVE-2024-55930 cve Xerox Workplace Suite has weak default folder permissions that allow unauthorized users to access, modify, or delete files
N/A 2025-01-23 CVE-2025-22153 cve RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a program input into a trusted environment. Via a type confusion bug in v...
6.4 2025-01-23 CVE-2025-23227 cve IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.11 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed...
N/A 2025-01-23 CVE-2025-24033 cve @fastify/multipart is a Fastify plugin for parsing the multipart content-type. Prior to versions 8.3.1 and 9.0.3, the `saveRequestFiles` function does not delete the uploaded te...
N/A 2025-01-23 CVE-2025-24034 cve Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Starting in version 0.7.0 and prior to versions 0.7.15 and 0.8.3, Himmelblau is vulnerable to le...
N/A 2025-01-23 CVE-2025-24353 cve Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 11.2.0, when sharing an item, a typical user can specify an arbitrary role. It ...
5.4 2025-01-23 CVE-2024-12043 cve The Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Post Slider and Ecommerce Slider) plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
9.8 2025-01-23 CVE-2024-13234 cve The Product Table by WBW plugin for WordPress is vulnerable to SQL Injection via the 'additionalCondition' parameter in all versions up to, and including, 2.1.2 due to...
N/A 2025-01-23 CVE-2024-43708 cve An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted payload to a number of inputs in Kibana UI. This can be carri...
N/A 2025-01-23 CVE-2025-0619 cve Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly privileged user to recover external connector passwords
N/A 2025-01-23 CVE-2025-0635 cve Denial of service condition in M-Files Server in versions before 25.1.14445.5 allows an unauthenticated user to consume computing resources in certain conditions.
N/A 2025-01-23 CVE-2025-0648 cve Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via conf...
5.4 2025-01-23 CVE-2024-12118 cve The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Event Calendar Link Widget through the html_tag attribute in all versions up to...
5.4 2025-01-23 CVE-2024-12504 cve The Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhi...
Page(s) : 1 ... 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 [1132] 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 ... Result(s) : 301290