| Page(s) : 1 ... 1278 1279 1280 1281 1282 1283 1284 1285 1286 1287 [1288] 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 ... | Result(s) : 327848 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2025-01-10 | CVE-2024-56511 | cve | DataEase is an open source data visualization analysis tool. Prior to 2.10.4, there is a flaw in the authentication in the io.dataease.auth.filter.TokenFilter class, which can b... |
| N/A | 2025-01-10 | CVE-2025-22152 | cve | Atheos is a self-hosted browser-based cloud IDE. Prior to v600, the $path and $target parameters are not properly validated across multiple components, allowing an attacker to r... |
| N/A | 2025-01-10 | CVE-2025-22596 | cve | WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the modulos_visiveis.php endpoint of the WeGIA applica... |
| N/A | 2025-01-10 | CVE-2025-22597 | cve | WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the CobrancaController.php endpoint of the WeGIA applicat... |
| N/A | 2025-01-10 | CVE-2025-22598 | cve | WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the cadastrarSocio.php endpoint of the WeGIA application.... |
| N/A | 2025-01-10 | CVE-2025-22599 | cve | WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the home.php endpoint of the WeGIA application. This v... |
| N/A | 2025-01-10 | CVE-2025-22600 | cve | WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the configuracao_doacao.php endpoint of the WeGIA appl... |
| N/A | 2025-01-10 | CVE-2025-22949 | cve | Tenda ac9 v1.0 firmware v15.03.05.19 is vulnerable to command injection in /goform/SetSambaCfg, which may lead to remote arbitrary code execution. |
| N/A | 2025-01-10 | CVE-2024-54846 | cve | An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the EC private key and access sensitive data or execute a man-in-the-middle attack. |
| N/A | 2025-01-10 | CVE-2024-54847 | cve | An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to access the Diffie-Hellman (DH) parameters and access sensitive data or execute a man-in-the-middle attack. |
| N/A | 2025-01-10 | CVE-2024-54848 | cve | Improper handling and storage of certificates in CP Plus CP-VNR-3104 B3223P22C02424 allow attackers to decrypt communications or execute a man-in-the-middle attacks. |
| N/A | 2025-01-10 | CVE-2024-54849 | cve | An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the second RSA private key and access sensitive data or execute a man-in-the-middle attack. |
| N/A | 2025-01-10 | CVE-2024-57211 | cve | TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the modifyOne parameter in the enable_wsh function. |
| N/A | 2025-01-10 | CVE-2024-57212 | cve | TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the opmode parameter in the action_reboot function. |
| N/A | 2025-01-10 | CVE-2024-57213 | cve | TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the newpasswd parameter in the action_passwd function. |
| N/A | 2025-01-10 | CVE-2024-57214 | cve | TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function. |
| N/A | 2025-01-10 | CVE-2024-54687 | cve | Vtiger CRM v.6.1 and before is vulnerable to Cross Site Scripting (XSS) via the Documents module and function uploadAndSaveFile in CRMEntity.php. |
| N/A | 2025-01-10 | CVE-2024-57222 | cve | Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_cancel_wps function. |
| N/A | 2025-01-10 | CVE-2024-57223 | cve | Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_wps_gen_pincode function. |
| N/A | 2025-01-10 | CVE-2024-57224 | cve | Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function. |
| Page(s) : 1 ... 1278 1279 1280 1281 1282 1283 1284 1285 1286 1287 [1288] 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 ... | Result(s) : 327848 |
