| Page(s) : 1 ... 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 [1161] 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 ... | Result(s) : 327331 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-01-23 | CVE-2024-52331 | cve | ECOVACS robot lawnmowers and vacuums use a deterministic symmetric key to decrypt firmware updates. An attacker can create and encrypt malicious firmware that will be successful... |
| N/A | 2025-01-23 | CVE-2024-55925 | cve | In Xerox Workplace Suite, an API restricted to specific hosts can be bypassed by manipulating the Host header. If the server improperly validates or trusts the Host header witho... |
| N/A | 2025-01-23 | CVE-2025-0650 | cve | A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical sw... |
| 6 | 2025-01-23 | CVE-2024-45672 | cve | IBM Security Verify Bridge 1.0.0 through 1.0.15 could allow a local privileged user to overwrite files due to excessive privileges granted to the agent. which could also cause a... |
| N/A | 2025-01-23 | CVE-2024-55926 | cve | A vulnerability found in Xerox Workplace Suite allows arbitrary file read, upload, and deletion on the server through crafted header manipulation. By exploiting improper validat... |
| N/A | 2025-01-23 | CVE-2024-55927 | cve | A vulnerability in Xerox Workplace Suite arises from flawed token generation and the use of hard-coded keys. These weaknesses allow attackers to predict or forge tokens, leading... |
| N/A | 2025-01-23 | CVE-2024-55928 | cve | Xerox Workplace Suite exposes sensitive secrets in clear text, both locally and remotely. This vulnerability allows attackers to intercept or access secrets without encryption |
| N/A | 2025-01-23 | CVE-2024-55929 | cve | A mail spoofing vulnerability in Xerox Workplace Suite allows attackers to forge email headers, making it appear as though messages are sent from trusted sources. |
| N/A | 2025-01-23 | CVE-2024-55930 | cve | Xerox Workplace Suite has weak default folder permissions that allow unauthorized users to access, modify, or delete files |
| N/A | 2025-01-23 | CVE-2025-22153 | cve | RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a program input into a trusted environment. Via a type confusion bug in v... |
| 6.4 | 2025-01-23 | CVE-2025-23227 | cve | IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.11 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed... |
| N/A | 2025-01-23 | CVE-2025-24033 | cve | @fastify/multipart is a Fastify plugin for parsing the multipart content-type. Prior to versions 8.3.1 and 9.0.3, the `saveRequestFiles` function does not delete the uploaded te... |
| N/A | 2025-01-23 | CVE-2025-24034 | cve | Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Starting in version 0.7.0 and prior to versions 0.7.15 and 0.8.3, Himmelblau is vulnerable to le... |
| N/A | 2025-01-23 | CVE-2025-24353 | cve | Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 11.2.0, when sharing an item, a typical user can specify an arbitrary role. It ... |
| 5.4 | 2025-01-23 | CVE-2024-12043 | cve | The Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Post Slider and Ecommerce Slider) plugin for WordPress is vulnerable to Stored Cross-Site Scripting... |
| 9.8 | 2025-01-23 | CVE-2024-13234 | cve | The Product Table by WBW plugin for WordPress is vulnerable to SQL Injection via the 'additionalCondition' parameter in all versions up to, and including, 2.1.2 due to... |
| N/A | 2025-01-23 | CVE-2024-43708 | cve | An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted payload to a number of inputs in Kibana UI. This can be carri... |
| N/A | 2025-01-23 | CVE-2025-0619 | cve | Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly privileged user to recover external connector passwords |
| N/A | 2025-01-23 | CVE-2025-0635 | cve | Denial of service condition in M-Files Server in versions before 25.1.14445.5 allows an unauthenticated user to consume computing resources in certain conditions. |
| N/A | 2025-01-23 | CVE-2025-0648 | cve | Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via conf... |
| Page(s) : 1 ... 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 [1161] 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 ... | Result(s) : 327331 |
