| Page(s) : 1 ... 1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 [1233] 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 ... | Result(s) : 327743 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.5 | 2025-01-16 | CVE-2025-0472 | cve | Information exposure in the PMB platform affecting versions 4.2.13 and earlier. This vulnerability allows an attacker to upload a file to the environment and enumerate the inter... |
| 7.5 | 2025-01-16 | CVE-2025-0473 | cve | Vulnerability in the PMB platform that allows an attacker to persist temporary files on the server, affecting versions 4.0.10 and above. This vulnerability exists in the file up... |
| N/A | 2025-01-16 | CVE-2024-12226 | cve | In affected versions of the Octopus Kubernetes worker or agent, sensitive variables could be written to the Kubernetes script pod log in clear-text. This was identified in Versi... |
| 7.8 | 2025-01-16 | CVE-2024-45331 | cve | A incorrect privilege assignment in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15, FortiManager versions 7... |
| 9.1 | 2025-01-16 | CVE-2024-48885 | cve | A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiRecorder versions 7.2.0 through 7.2.1, 7.0.0 through 7.0.4, FortiWeb ... |
| 5.3 | 2025-01-16 | CVE-2024-12427 | cve | The Multi Step Form plugin for WordPress is vulnerable to unauthorized limited file upload due to a missing capability check on the fw_upload_file AJAX action in all versions up... |
| 7.5 | 2025-01-16 | CVE-2024-12613 | cve | The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix value in several AJAX fuctions in all versions up to, and including, 1.4.8 due to... |
| 4.3 | 2025-01-16 | CVE-2024-12614 | cve | The Passwords Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'pms_save_setting' and 'pos... |
| 6.5 | 2025-01-16 | CVE-2024-12615 | cve | The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix value in several AJAX actions in all versions up to, and including, 1.4.8 due to ... |
| 5.4 | 2025-01-16 | CVE-2024-13355 | cve | The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is vulnerable to limited file uploads due to insufficient file type validation in th... |
| 6.4 | 2025-01-16 | CVE-2024-13387 | cve | The WP Responsive Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wprtabs' shortcode in all versions up to, and including... |
| 9.8 | 2025-01-16 | CVE-2024-50563 | cve | A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiMan... |
| N/A | 2025-01-16 | CVE-2024-10401 | cve | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| 5.4 | 2025-01-16 | CVE-2024-10970 | cve | The The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.43. This is due ... |
| 6.1 | 2025-01-16 | CVE-2025-0170 | cve | The DWT - Directory & Listing WordPress Theme is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 3.3.3 due to insufficient input sanitization and ... |
| 9.8 | 2025-01-16 | CVE-2025-0455 | cve | The airPASS from NetVision Information has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete ... |
| 9.8 | 2025-01-16 | CVE-2025-0456 | cve | The airPASS from NetVision Information has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access the specific administrative functionality ... |
| 8.8 | 2025-01-16 | CVE-2025-0457 | cve | The airPASS from NetVision Information has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands. |
| N/A | 2025-01-16 | CVE-2025-22904 | cve | RE11S v1.11 was discovered to contain a stack overflow via the pptpUserName parameter in the setWAN function. |
| N/A | 2025-01-16 | CVE-2025-22905 | cve | RE11S v1.11 was discovered to contain a command injection vulnerability via the command parameter at /goform/mp. |
| Page(s) : 1 ... 1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 [1233] 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 ... | Result(s) : 327743 |
