| Page(s) : 1 ... 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 [1133] 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 ... | Result(s) : 301290 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 6.5 | 2025-01-23 | CVE-2024-13236 | cve | The Tainacan plugin for WordPress is vulnerable to SQL Injection via the 'collection_id' parameter in all versions up to, and including, 0.21.12 due to insufficient es... |
| 5.4 | 2025-01-23 | CVE-2024-13340 | cve | The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mdf_results_by_ajax' shortcode in a... |
| 5.4 | 2025-01-23 | CVE-2024-13389 | cve | The Cliptakes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cliptakes_input_email' shortcode in all versions up to, and incl... |
| 6.1 | 2025-01-23 | CVE-2024-13422 | cve | The SEO Blogger to WordPress Migration using 301 Redirection plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'url' parameter in all versio... |
| 9.8 | 2025-01-23 | CVE-2025-23006 | cve | Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), wh... |
| 5.5 | 2025-01-23 | CVE-2024-10539 | cve | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Uyumsoft Informatin Systems Uyumsoft ERP allows XSS Using ... |
| N/A | 2025-01-23 | CVE-2024-57947 | cve | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must... |
| N/A | 2025-01-23 | CVE-2024-43707 | cve | An issue was identified in Kibana where a user without access to Fleet can view Elastic Agent policies that could contain sensitive information. The nature of the sensitive info... |
| N/A | 2025-01-23 | CVE-2024-43710 | cve | A server side request forgery vulnerability was identified in Kibana where the /api/fleet/health_check API could be used to send requests to internal endpoints. Due to the natur... |
| N/A | 2025-01-23 | CVE-2025-24529 | cve | An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab. |
| N/A | 2025-01-23 | CVE-2025-24530 | cve | An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for... |
| N/A | 2025-01-23 | CVE-2024-52972 | cve | An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted request to /api/metrics/snapshot. This can be carried out by ... |
| N/A | 2025-01-23 | CVE-2024-52975 | cve | An issue was identified in Fleet Server where Fleet policies that could contain sensitive information were logged on INFO and ERROR log levels. The nature of the sensitive infor... |
| N/A | 2025-01-23 | CVE-2024-53299 | cve | The request handling in the core in Apache Wicket 7.0.0 on any platform allows an attacker to create a DOS via multiple requests to server resources. Users are recommended to up... |
| N/A | 2025-01-23 | CVE-2024-12957 | cve | A file handling command vulnerability in certain versions of Armoury Crate may result in arbitrary file deletion. Refer to the '01/23/2025 Security Update for Armoury Crate... |
| 4.3 | 2025-01-23 | CVE-2024-13511 | cve | The Variation Swatches for WooCommerce plugin, in all versions starting at 1.0.8 up until 1.3.2, contains a vulnerability due to improper nonce verification in its settings rese... |
| 8.8 | 2025-01-23 | CVE-2024-13593 | cve | The BMLT Meeting Map plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.6.0 via the 'bmlt_meeting_map' shortcode. This ... |
| N/A | 2025-01-23 | CVE-2024-42182 | cve | BigFix Patch Download Plug-ins are affected by Server-Side Request Forgery (SSRF) vulnerability. It may allow the application to download files from an internally hosted server... |
| N/A | 2025-01-23 | CVE-2024-57719 | cve | lunasvg v3.0.0 was discovered to contain a segmentation violation via the component blend_transformed_tiled_argb.isra.0. |
| N/A | 2025-01-23 | CVE-2024-57720 | cve | lunasvg v3.0.0 was discovered to contain a segmentation violation via the component plutovg_blend. |
| Page(s) : 1 ... 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 [1133] 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 ... | Result(s) : 301290 |
