| Page(s) : 1 ... 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 [1240] 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 ... | Result(s) : 301803 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2025-01-14 | CVE-2024-48886 | cve | A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15, FortiProxy versions 7.4.0 through 7.4.4,... |
| 8.8 | 2025-01-14 | CVE-2024-48890 | cve | An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiSOAR IMAP connector version 3.5.7 and belo... |
| 5.4 | 2025-01-14 | CVE-2024-48893 | cve | An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiSOAR 7.3.0 through 7.3.3, 7.2.1 through 7.2.2 may allow an authenticated attacker t... |
| 3.3 | 2025-01-14 | CVE-2024-50564 | cve | A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versions, and 6.4.x all versions may allow a low-privileged use... |
| 8.8 | 2025-01-14 | CVE-2024-50566 | cve | A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiManager versions 7.6.0 through 7.6.1, versions 7.4.5 thro... |
| 5.9 | 2025-01-14 | CVE-2024-52963 | cve | A out-of-bounds write in Fortinet FortiOS versions 7.6.0, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4.0 through 6.4.15 allows attacker to trigger a deni... |
| 4.8 | 2025-01-14 | CVE-2024-52967 | cve | An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiPortal 6.0.0 through 6.0.14 allows attacker to execute unauthorized code or com... |
| 6.5 | 2025-01-14 | CVE-2024-52969 | cve | An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiSIEM ersion 7.1.7 and below, version 7.1.0, vers... |
| 9.8 | 2025-01-14 | CVE-2024-54021 | cve | An improper neutralization of crlf sequences in http headers ('http response splitting') in Fortinet FortiOS 7.2.0 through 7.6.0, FortiProxy 7.2.0 through 7.4.5 allows... |
| 9.8 | 2025-01-14 | CVE-2024-55591 | cve | An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 an... |
| 2.7 | 2025-01-14 | CVE-2024-55593 | cve | A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiWeb versions 6.3.17 through 7.6.1 allows attacker to gain infor... |
| 6.7 | 2025-01-14 | CVE-2024-56497 | cve | An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiMail versions 7.2.0 through 7.2.4 and 7.0.0 through 7.0.... |
| 8.2 | 2025-01-14 | CVE-2024-7344 | cve | Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path. |
| 6.4 | 2025-01-14 | CVE-2024-13323 | cve | The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'booking' shortcode in all versions up to, and includin... |
| 5.3 | 2025-01-14 | CVE-2024-12006 | cve | The W3 Total Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and incl... |
| 7.5 | 2025-01-14 | CVE-2024-12008 | cve | The W3 Total Cache plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.8.1 through the publicly exposed debug log file. This makes... |
| 8.5 | 2025-01-14 | CVE-2024-12365 | cve | The W3 Total Cache plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the is_w3tc_admin_page function in all versions up to, ... |
| 6.5 | 2025-01-14 | CVE-2024-11734 | cve | A denial of service vulnerability was found in Keycloak that could allow an administrative user with the right to change realm settings to disrupt the service. This action is do... |
| 4.9 | 2025-01-14 | CVE-2024-11736 | cve | A vulnerability was found in Keycloak. Admin users may have to access sensitive server environment variables and system properties through user-configurable URLs. When configuri... |
| 6.4 | 2025-01-14 | CVE-2024-13156 | cve | The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘heading’ parameter in all version... |
| Page(s) : 1 ... 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 [1240] 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 ... | Result(s) : 301803 |
