| Page(s) : 1 ... 126 127 128 129 130 131 132 133 134 135 [136] 137 138 139 140 141 142 143 144 145 146 ... | Result(s) : 298695 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.4 | 2025-05-30 | CVE-2025-48875 | cve | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.181, the system's incorrect validation of last_name and first_name during profile data up... |
| 6.6 | 2025-05-30 | CVE-2025-48880 | cve | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.181, when an administrative account is a deleting a user, there is the the possibility of a ra... |
| 8.8 | 2025-05-30 | CVE-2025-48936 | cve | Zitadel is open-source identity infrastructure software. Prior to versions 2.70.12, 2.71.10, and 3.2.2, a potential vulnerability exists in the password reset mechanism. ZITADEL... |
| 5.4 | 2025-05-30 | CVE-2025-4943 | cve | The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-lakit-element-link’ parameter in all versions up to, and ... |
| 4.3 | 2025-05-30 | CVE-2025-4431 | cve | The Featured Image Plus – Quick & Bulk Edit with Unsplash plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fip_sa... |
| 5.4 | 2025-05-30 | CVE-2025-5236 | cve | The NinjaTeam Chat for Telegram plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘username’ parameter in all versions up to, and including, 1.1 due to i... |
| 4.3 | 2025-05-30 | CVE-2025-48334 | cve | Missing Authorization vulnerability in BinaryCarpenter Woo Slider Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woo Slider Pro: ... |
| 6.5 | 2025-05-30 | CVE-2025-48912 | cve | An authenticated malicious actor using specially crafted requests could bypass row level security configuration by injecting SQL into 'sqlExpression' fields. This allo... |
| N/A | 2025-05-30 | CVE-2025-4633 | cve | Default credentials were present in the web portal for Airpointer 2.4.107-2, allowing an unauthenticated malicious actor to log in via the web portal |
| N/A | 2025-05-30 | CVE-2025-4634 | cve | The web portal on airpointer 2.4.107-2 was vulnerable local file inclusion. A malicious user with administrative privileges in the web portal would be able to manipulate request... |
| N/A | 2025-05-30 | CVE-2025-4635 | cve | A malicious user with administrative privileges in the web portal would be able to manipulate the Diagnostics module to obtain remote code execution on the local device as a low... |
| N/A | 2025-05-30 | CVE-2025-4636 | cve | Due to excessive privileges granted to the web user running the airpointer web platform, a malicious actor that gains control of the this user would be able to privilege escalat... |
| N/A | 2025-05-30 | CVE-2025-1907 | cve | Instantel Micromate lacks authentication on a configuration port which could allow an attacker to execute commands if connected. |
| N/A | 2025-05-30 | CVE-2025-41438 | cve | The CS5000 Fire Panel is vulnerable due to a default account that exists on the panel. Even though it is possible to change this by SSHing into the device, it has remained unc... |
| N/A | 2025-05-30 | CVE-2025-46352 | cve | The CS5000 Fire Panel is vulnerable due to a hard-coded password that runs on a VNC server and is visible as a string in the binary responsible for running VNC. This password ... |
| N/A | 2025-05-30 | CVE-2020-36846 | cve | A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library. Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli librar... |
| N/A | 2025-05-30 | CVE-2024-12224 | cve | Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might trea... |
| N/A | 2025-05-30 | CVE-2025-44612 | cve | Tinxy WiFi Lock Controller v1 RF was discovered to transmit sensitive information in plaintext, including control information and device credentials, allowing attackers to possi... |
| N/A | 2025-05-30 | CVE-2025-44614 | cve | Tinxy WiFi Lock Controller v1 RF was discovered to store users' sensitive information, including credentials and mobile phone numbers, in plaintext. |
| N/A | 2025-05-30 | CVE-2025-44619 | cve | Tinxy WiFi Lock Controller v1 RF was discovered to be configured to transmit on an open Wi-Fi network, allowing attackers to join the network without authentication. |
| Page(s) : 1 ... 126 127 128 129 130 131 132 133 134 135 [136] 137 138 139 140 141 142 143 144 145 146 ... | Result(s) : 298695 |
