| Page(s) : 1 ... 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 [1170] 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 ... | Result(s) : 301652 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-01-21 | CVE-2024-57036 | cve | TOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in downloadFile.cgi main function. This vulnerability allows an attacker to execute... |
| N/A | 2025-01-21 | CVE-2025-0377 | cve | HashiCorp’s go-slug library is vulnerable to a zip-slip style attack when a non-existing user-provided path is extracted from the tar entry. |
| 5.3 | 2025-01-21 | CVE-2025-24011 | cve | Umbraco is a free and open source .NET content management system. Starting in version 14.0.0 and prior to versions 14.3.2 and 15.1.2, it's possible to determine whether an ... |
| 5.4 | 2025-01-21 | CVE-2025-24012 | cve | Umbraco is a free and open source .NET content management system. Starting in version 14.0.0 and prior to versions 14.3.2 and 15.1.2, authenticated users are able to exploit a c... |
| 6.1 | 2025-01-21 | CVE-2025-24017 | cve | YesWiki is a wiki system written in PHP. Versions up to and including 4.4.5 are vulnerable to any end-user crafting a DOM based XSS on all of YesWiki's pages which is trigg... |
| N/A | 2025-01-21 | CVE-2024-45687 | cve | Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') vulnerability in Payara Platform Payara Server (Grizzly, REST Management ... |
| N/A | 2025-01-21 | CVE-2025-0623 | cve | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| 5.4 | 2025-01-21 | CVE-2025-24018 | cve | YesWiki is a wiki system written in PHP. In versions up to and including 4.4.5, it is possible for an authenticated user with rights to edit/create a page or comment to trigger ... |
| N/A | 2025-01-21 | CVE-2024-54792 | cve | A Cross-Site Request Forgery (CSRF) vulnerability has been found in SpagoBI v3.5.1 in the user administration panel. An authenticated user can lead another user into executing u... |
| N/A | 2025-01-21 | CVE-2024-54794 | cve | The script input feature of SpagoBI 3.5.1 allows arbitrary code execution. |
| N/A | 2025-01-21 | CVE-2024-54795 | cve | SpagoBI v3.5.1 contains multiple Stored Cross-Site Scripting (XSS) vulnerabilities in the create/edit forms of the worksheet designer function. |
| N/A | 2025-01-21 | CVE-2025-22150 | cve | Undici is an HTTP/1.1 client. Starting in version 4.5.0 and prior to versions 5.28.5, 6.21.1, and 7.2.3, undici uses `Math.random()` to choose the boundary for a multipart/form-... |
| N/A | 2025-01-21 | CVE-2025-22267 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bruce Wampler Weaver Themes Shortcode Compatibility allows Stored... |
| N/A | 2025-01-21 | CVE-2025-22276 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Enguerran Weiss Related Post Shortcode allows Stored XSS. This is... |
| N/A | 2025-01-21 | CVE-2025-22661 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vcita.com Online Payments – Get Paid with PayPal, Square & Stripe... |
| N/A | 2025-01-21 | CVE-2025-22721 | cve | Missing Authorization vulnerability in Farhan Noor ApplyOnline – Application Form Builder and Manager allows Exploiting Incorrectly Configured Access Control Security Levels. Th... |
| N/A | 2025-01-21 | CVE-2025-22722 | cve | Missing Authorization vulnerability in Widget Options Team Widget Options allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Widget Opti... |
| N/A | 2025-01-21 | CVE-2025-23454 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in flashmaniac Nature FlipBook allows Reflected XSS. This issue affe... |
| N/A | 2025-01-21 | CVE-2025-23461 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andrea Dotta, Jacopo Campani, di xkoll.com Social2Blog allows Ref... |
| N/A | 2025-01-21 | CVE-2025-23477 | cve | Missing Authorization vulnerability in Realty Workstation Realty Workstation allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Realty Workstati... |
| Page(s) : 1 ... 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 [1170] 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 ... | Result(s) : 301652 |
