| Page(s) : 1 ... 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 [1148] 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 ... | Result(s) : 301597 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2025-01-23 | CVE-2024-13234 | cve | The Product Table by WBW plugin for WordPress is vulnerable to SQL Injection via the 'additionalCondition' parameter in all versions up to, and including, 2.1.2 due to... |
| N/A | 2025-01-23 | CVE-2024-43708 | cve | An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted payload to a number of inputs in Kibana UI. This can be carri... |
| N/A | 2025-01-23 | CVE-2025-0619 | cve | Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly privileged user to recover external connector passwords |
| N/A | 2025-01-23 | CVE-2025-0635 | cve | Denial of service condition in M-Files Server in versions before 25.1.14445.5 allows an unauthenticated user to consume computing resources in certain conditions. |
| N/A | 2025-01-23 | CVE-2025-0648 | cve | Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via conf... |
| 5.4 | 2025-01-23 | CVE-2024-12118 | cve | The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Event Calendar Link Widget through the html_tag attribute in all versions up to... |
| 5.4 | 2025-01-23 | CVE-2024-12504 | cve | The Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhi... |
| 6.5 | 2025-01-23 | CVE-2024-13236 | cve | The Tainacan plugin for WordPress is vulnerable to SQL Injection via the 'collection_id' parameter in all versions up to, and including, 0.21.12 due to insufficient es... |
| 5.4 | 2025-01-23 | CVE-2024-13340 | cve | The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mdf_results_by_ajax' shortcode in a... |
| 5.4 | 2025-01-23 | CVE-2024-13389 | cve | The Cliptakes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cliptakes_input_email' shortcode in all versions up to, and incl... |
| 6.1 | 2025-01-23 | CVE-2024-13422 | cve | The SEO Blogger to WordPress Migration using 301 Redirection plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'url' parameter in all versio... |
| 9.8 | 2025-01-23 | CVE-2025-23006 | cve | Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), wh... |
| 5.5 | 2025-01-23 | CVE-2024-10539 | cve | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Uyumsoft Informatin Systems Uyumsoft ERP allows XSS Using ... |
| N/A | 2025-01-23 | CVE-2024-57947 | cve | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must... |
| N/A | 2025-01-23 | CVE-2024-43707 | cve | An issue was identified in Kibana where a user without access to Fleet can view Elastic Agent policies that could contain sensitive information. The nature of the sensitive info... |
| N/A | 2025-01-23 | CVE-2024-43710 | cve | A server side request forgery vulnerability was identified in Kibana where the /api/fleet/health_check API could be used to send requests to internal endpoints. Due to the natur... |
| N/A | 2025-01-23 | CVE-2025-24529 | cve | An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab. |
| N/A | 2025-01-23 | CVE-2025-24530 | cve | An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for... |
| N/A | 2025-01-23 | CVE-2024-52972 | cve | An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted request to /api/metrics/snapshot. This can be carried out by ... |
| N/A | 2025-01-23 | CVE-2024-52975 | cve | An issue was identified in Fleet Server where Fleet policies that could contain sensitive information were logged on INFO and ERROR log levels. The nature of the sensitive infor... |
| Page(s) : 1 ... 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 [1148] 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 ... | Result(s) : 301597 |
