| Page(s) : 1 ... 109 110 111 112 113 114 115 116 117 118 [119] 120 121 122 123 124 125 126 127 128 129 ... | Result(s) : 43231 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2024-09-04 | CVE-2024-6926 | cve | The Viral Signup WordPress plugin through 2.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticat... |
| 9.8 | 2024-09-04 | CVE-2024-45507 | cve | Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 1... |
| 9.8 | 2024-09-04 | CVE-2024-8289 | cve | The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to privilege escalation/de-escalation and account takeover due to... |
| 9.1 | 2024-09-04 | CVE-2024-45443 | cve | Directory traversal vulnerability in the cust module Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. |
| 9.8 | 2024-09-04 | CVE-2024-7950 | cve | The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Local File Inclusion, Arbitrary Settings Update, and Use... |
| 9.8 | 2024-09-03 | CVE-2024-45307 | cve | SudoBot, a Discord moderation bot, is vulnerable to privilege escalation and exploit of the `-config` command in versions prior to 9.26.7. Anyone is theoretically able to update... |
| 9.8 | 2024-09-03 | CVE-2024-45390 | cve | @blakeembrey/template is a string template library. Prior to version 1.2.0, it is possible to inject and run code within the template if the attacker has access to write the tem... |
| 9.8 | 2024-09-03 | CVE-2024-4259 | cve | Improper Privilege Management vulnerability in SAMPAS Holding AKOS (AkosCepVatandasService), SAMPAS Holding AKOS (TahsilatService) allows Collect Data as Provided by Users.This ... |
| 9.6 | 2024-09-03 | CVE-2024-7345 | cve | Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit unauthorized code injection into Multi-Session Agents on supported OpenEdge LTS pla... |
| 9.8 | 2024-09-03 | CVE-2024-44921 | cve | SeaCMS v12.9 was discovered to contain a SQL injection vulnerability via the id parameter at /dmplayer/dmku/index.php?ac=del. |
| 9.8 | 2024-09-03 | CVE-2024-8381 | cve | A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. This vulnerability affects Firefox... |
| 9.8 | 2024-09-03 | CVE-2024-8384 | cve | The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory c... |
| 9.8 | 2024-09-03 | CVE-2024-8385 | cve | A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability affects Firefox < 13... |
| 9.8 | 2024-09-03 | CVE-2024-8387 | cve | Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effo... |
| 9.8 | 2024-09-03 | CVE-2024-8389 | cve | Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited... |
| 9.8 | 2024-09-03 | CVE-2024-8380 | cve | A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been rated as critical. This issue affects some unknown processing of the file /endpoi... |
| 9.8 | 2024-09-03 | CVE-2024-7261 | cve | The improper neutralization of special elements in the parameter "host" in the CGI program of Zyxel NWA1123ACv3 firmware version 6.70(ABVT.4) and earlier, WAC500 firmware versio... |
| 9.8 | 2024-09-02 | CVE-2024-6919 | cve | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NAC Telecommunication Systems Inc. NACPremium allows Blind SQL In... |
| 9.8 | 2024-09-02 | CVE-2024-43772 | cve | SQL Injection in download student learning course function of Easytest Online Test Platform ver.24E01 and earlier allow remote attackers to execute arbitrary SQL commands via th... |
| 9.8 | 2024-09-02 | CVE-2024-43773 | cve | SQL Injection in download class learning course function of Easytest Online Test Platform ver.24E01 and earlier allow remote attackers to execute arbitrary SQL commands via the ... |
| Page(s) : 1 ... 109 110 111 112 113 114 115 116 117 118 [119] 120 121 122 123 124 125 126 127 128 129 ... | Result(s) : 43231 |
