| Page(s) : 1 ... 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 [1203] 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 ... | Result(s) : 301689 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-01-16 | CVE-2024-57776 | cve | A cross-site scripting (XSS) vulnerability in the /apply/getEditPage?view interface of JFinalOA before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via ... |
| N/A | 2025-01-16 | CVE-2025-20072 | cve | Mattermost Mobile versions |
| 7.5 | 2025-01-16 | CVE-2018-25108 | cve | An unauthenticated remote attacker can cause a DoS in the controller due to uncontrolled resource consumption. |
| 9.8 | 2025-01-16 | CVE-2025-0471 | cve | Unrestricted file upload vulnerability in the PMB platform, affecting versions 4.0.10 and above. This vulnerability could allow an attacker to upload a file to gain remote acces... |
| 7.5 | 2025-01-16 | CVE-2025-0472 | cve | Information exposure in the PMB platform affecting versions 4.2.13 and earlier. This vulnerability allows an attacker to upload a file to the environment and enumerate the inter... |
| 7.5 | 2025-01-16 | CVE-2025-0473 | cve | Vulnerability in the PMB platform that allows an attacker to persist temporary files on the server, affecting versions 4.0.10 and above. This vulnerability exists in the file up... |
| N/A | 2025-01-16 | CVE-2024-12226 | cve | In affected versions of the Octopus Kubernetes worker or agent, sensitive variables could be written to the Kubernetes script pod log in clear-text. This was identified in Versi... |
| 7.8 | 2025-01-16 | CVE-2024-45331 | cve | A incorrect privilege assignment in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15, FortiManager versions 7... |
| 9.1 | 2025-01-16 | CVE-2024-48885 | cve | A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb ... |
| 5.3 | 2025-01-16 | CVE-2024-12427 | cve | The Multi Step Form plugin for WordPress is vulnerable to unauthorized limited file upload due to a missing capability check on the fw_upload_file AJAX action in all versions up... |
| 7.5 | 2025-01-16 | CVE-2024-12613 | cve | The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix value in several AJAX fuctions in all versions up to, and including, 1.4.8 due to... |
| 4.3 | 2025-01-16 | CVE-2024-12614 | cve | The Passwords Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'pms_save_setting' and 'pos... |
| 6.5 | 2025-01-16 | CVE-2024-12615 | cve | The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix value in several AJAX actions in all versions up to, and including, 1.4.8 due to ... |
| 5.4 | 2025-01-16 | CVE-2024-13355 | cve | The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is vulnerable to limited file uploads due to insufficient file type validation in th... |
| 6.4 | 2025-01-16 | CVE-2024-13387 | cve | The WP Responsive Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wprtabs' shortcode in all versions up to, and including... |
| 9.8 | 2025-01-16 | CVE-2024-50563 | cve | A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiMan... |
| N/A | 2025-01-16 | CVE-2024-10401 | cve | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| 5.4 | 2025-01-16 | CVE-2024-10970 | cve | The The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.43. This is due ... |
| 6.1 | 2025-01-16 | CVE-2025-0170 | cve | The DWT - Directory & Listing WordPress Theme is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 3.3.3 due to insufficient input sanitization and ... |
| 9.8 | 2025-01-16 | CVE-2025-0455 | cve | The airPASS from NetVision Information has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete ... |
| Page(s) : 1 ... 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 [1203] 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 ... | Result(s) : 301689 |
