| Page(s) : 1 ... 1276 1277 1278 1279 1280 1281 1282 1283 1284 1285 [1286] 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 ... | Result(s) : 327848 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-01-11 | CVE-2025-0105 | cve | An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the ho... |
| N/A | 2025-01-11 | CVE-2025-0106 | cve | A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem. |
| N/A | 2025-01-11 | CVE-2025-0107 | cve | An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which... |
| 5.4 | 2025-01-11 | CVE-2024-12304 | cve | The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via button block link in all versions up to,... |
| N/A | 2025-01-11 | CVE-2025-23108 | cve | Opening Javascript links in a new tab via long-press in the Firefox iOS client could result in a malicious script spoofing the URL of the new tab. This vulnerability affects Fir... |
| N/A | 2025-01-11 | CVE-2025-23109 | cve | Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the website address This vulnerability affects Firefox for iOS < 134. |
| N/A | 2025-01-10 | CVE-2024-54910 | cve | Hasleo Backup Suite Free v4.9.4 and before is vulnerable to Insecure Permissions via the File recovery function. |
| N/A | 2025-01-10 | CVE-2025-23079 | cve | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - ArticleFeedbackv5 extensi... |
| N/A | 2025-01-10 | CVE-2024-12847 | cve | NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands a... |
| N/A | 2025-01-10 | CVE-2024-33297 | cve | Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the campaign Name (Internal Name) field in the Add new campaign f... |
| N/A | 2025-01-10 | CVE-2024-33298 | cve | Microweber Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the create new backup function in the endpoint /admin/... |
| N/A | 2025-01-10 | CVE-2024-33299 | cve | Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the First Name and Last Name parameters in the endpoint /admin/mo... |
| N/A | 2025-01-10 | CVE-2024-6437 | cve | On affected platforms running Arista EOS with one of the following features configured to redirect IP traffic to a next hop: policy-based routing (PBR), BGP Flowspec, or interfa... |
| N/A | 2025-01-10 | CVE-2024-54994 | cve | MonicaHQ v4.1.2 was discovered to contain multiple Client-Side Injection vulnerabilities via the first_name and last_name parameters in the Add a new relationship feature. |
| N/A | 2025-01-10 | CVE-2024-54996 | cve | MonicaHQ v4.1.2 was discovered to contain multiple authenticated Client-Side Injection vulnerabilities via the title and description parameters at /people/ID/reminders/create. |
| N/A | 2025-01-10 | CVE-2024-54997 | cve | MonicaHQ v4.1.1 was discovered to contain an authenticated Client-Side Injection vulnerability via the entry text field at /journal/entries/ID/edit. |
| N/A | 2025-01-10 | CVE-2024-54998 | cve | MonicaHQ v4.1.2 was discovered to contain an authenticated Client-Side Injection vulnerability via the Reason parameter at /people/h:[id]/debts/create. |
| N/A | 2025-01-10 | CVE-2024-5872 | cve | On affected platforms running Arista EOS, a specially crafted packet with incorrect VLAN tag might be copied to CPU, which may cause incorrect control plane behavior related to ... |
| N/A | 2025-01-10 | CVE-2024-7095 | cve | On affected platforms running Arista EOS with SNMP configured, if “snmp-server transmit max-size” is configured, under some circumstances a specially crafted packet can cause th... |
| N/A | 2025-01-10 | CVE-2024-47517 | cve | Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access |
| Page(s) : 1 ... 1276 1277 1278 1279 1280 1281 1282 1283 1284 1285 [1286] 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 ... | Result(s) : 327848 |
