| Page(s) : 1 ... 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 [1160] 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 ... | Result(s) : 327331 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-01-23 | CVE-2025-23722 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Mind3doM RyeBread Widgets allows Reflected XSS. This iss... |
| N/A | 2025-01-23 | CVE-2025-23723 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Plestar Inc Plestar Directory Listing allows Reflected XSS. This ... |
| N/A | 2025-01-23 | CVE-2025-23724 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oleksandr Ustymenko University Quizzes Online allows Reflected XS... |
| N/A | 2025-01-23 | CVE-2025-23725 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TaskMeister Accessibility Task Manager allows Reflected XSS. This... |
| N/A | 2025-01-23 | CVE-2025-23727 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound AZ Content Finder allows Reflected XSS. This issue affec... |
| N/A | 2025-01-23 | CVE-2025-23729 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fures XTRA Settings allows Reflected XSS. This issue affects XTRA... |
| N/A | 2025-01-23 | CVE-2025-23730 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound FLX Dashboard Groups allows Reflected XSS. This issue af... |
| N/A | 2025-01-23 | CVE-2025-23733 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sayocode SC Simple Zazzle allows Reflected XSS. This issue affect... |
| N/A | 2025-01-23 | CVE-2025-23834 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Links/Problem Reporter allows Reflected XSS. This issue ... |
| N/A | 2025-01-23 | CVE-2025-23835 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Legal + allows Reflected XSS. This issue affects Legal +... |
| N/A | 2025-01-23 | CVE-2025-23836 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SuryaBhan Custom Coming Soon allows Reflected XSS. This issue aff... |
| N/A | 2025-01-23 | CVE-2025-23894 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tatsuya Fukata, Alexander Ovsov wp-flickr-press allows Reflected ... |
| N/A | 2025-01-23 | CVE-2025-23960 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in basteln3rk Save & Import Image from URL allows Reflected XSS. Thi... |
| N/A | 2025-01-23 | CVE-2024-11147 | cve | ECOVACS robot lawnmowers and vacuums use a deterministic root password generated based on model and serial number. An attacker with shell access can login as root. |
| N/A | 2025-01-23 | CVE-2024-12078 | cve | ECOVACS robot lawn mowers and vacuums use a shared, static secret key to encrypt BLE GATT messages. An unauthenticated attacker within BLE range can control any robot using the ... |
| N/A | 2025-01-23 | CVE-2024-12079 | cve | ECOVACS robot lawnmowers store the anti-theft PIN in cleartext on the device filesystem. An attacker can steal a lawnmower, read the PIN, and reset the anti-theft mechanism. |
| N/A | 2025-01-23 | CVE-2024-52327 | cve | The cloud service used by ECOVACS robot lawnmowers and vacuums allows authenticated attackers to bypass the PIN entry required to access the live video feed. |
| N/A | 2025-01-23 | CVE-2024-52328 | cve | ECOVACS robot lawnmowers and vacuums insecurely store audio files used to indicate that the camera is on. An attacker with access to the /data filesystem can delete or modify wa... |
| N/A | 2025-01-23 | CVE-2024-52329 | cve | ECOVACS HOME mobile app plugins for specific robots do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic and obtain authenticati... |
| N/A | 2025-01-23 | CVE-2024-52330 | cve | ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic, possibly modifying firmware updates. |
| Page(s) : 1 ... 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 [1160] 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 ... | Result(s) : 327331 |
