| Page(s) : 1 ... 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 [1258] 1259 1260 1261 1262 1263 1264 1265 1266 1267 1268 ... | Result(s) : 301836 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.4 | 2025-01-11 | CVE-2024-42168 | cve | HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability. An attacker can deploy a web server that returns malicious content, and then induce the applicatio... |
| 8.1 | 2025-01-11 | CVE-2024-42169 | cve | HCL MyXalytics is affected by insecure direct object references. It occurs due to missing access control checks, which fail to verify whether a user should be allowed to access... |
| N/A | 2025-01-11 | CVE-2025-0103 | cve | An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, dev... |
| N/A | 2025-01-11 | CVE-2025-0104 | cve | A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated E... |
| N/A | 2025-01-11 | CVE-2025-0105 | cve | An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the ho... |
| N/A | 2025-01-11 | CVE-2025-0106 | cve | A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem. |
| N/A | 2025-01-11 | CVE-2025-0107 | cve | An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which... |
| 5.4 | 2025-01-11 | CVE-2024-12304 | cve | The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via button block link in all versions up to,... |
| N/A | 2025-01-11 | CVE-2025-23108 | cve | Opening Javascript links in a new tab via long-press in the Firefox iOS client could result in a malicious script spoofing the URL of the new tab. This vulnerability affects Fir... |
| N/A | 2025-01-11 | CVE-2025-23109 | cve | Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the website address This vulnerability affects Firefox for iOS < 134. |
| N/A | 2025-01-10 | CVE-2024-54910 | cve | Hasleo Backup Suite Free v4.9.4 and before is vulnerable to Insecure Permissions via the File recovery function. |
| N/A | 2025-01-10 | CVE-2025-23079 | cve | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - ArticleFeedbackv5 extensi... |
| N/A | 2025-01-10 | CVE-2024-12847 | cve | NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands a... |
| N/A | 2025-01-10 | CVE-2024-33297 | cve | Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the campaign Name (Internal Name) field in the Add new campaign f... |
| N/A | 2025-01-10 | CVE-2024-33298 | cve | Microweber Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the create new backup function in the endpoint /admin/... |
| N/A | 2025-01-10 | CVE-2024-33299 | cve | Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the First Name and Last Name parameters in the endpoint /admin/mo... |
| N/A | 2025-01-10 | CVE-2024-6437 | cve | On affected platforms running Arista EOS with one of the following features configured to redirect IP traffic to a next hop: policy-based routing (PBR), BGP Flowspec, or interfa... |
| N/A | 2025-01-10 | CVE-2024-54994 | cve | MonicaHQ v4.1.2 was discovered to contain multiple Client-Side Injection vulnerabilities via the first_name and last_name parameters in the Add a new relationship feature. |
| N/A | 2025-01-10 | CVE-2024-54996 | cve | MonicaHQ v4.1.2 was discovered to contain multiple authenticated Client-Side Injection vulnerabilities via the title and description parameters at /people/ID/reminders/create. |
| N/A | 2025-01-10 | CVE-2024-54997 | cve | MonicaHQ v4.1.1 was discovered to contain an authenticated Client-Side Injection vulnerability via the entry text field at /journal/entries/ID/edit. |
| Page(s) : 1 ... 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 [1258] 1259 1260 1261 1262 1263 1264 1265 1266 1267 1268 ... | Result(s) : 301836 |
