| Page(s) : 1 ... 127 128 129 130 131 132 133 134 135 136 [137] 138 139 140 141 142 143 144 145 146 147 ... | Result(s) : 312940 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-11 | CVE-2024-52960 | cve | A client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet FortiSandbox version 5.0.0, 4.4.0 through 4.4.6 and before 4.2.7 allows an authenticated at... |
| N/A | 2025-03-11 | CVE-2024-52961 | cve | An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in Fortinet FortiSandbox version 5.0.0, 4.4.0 through 4.4.7, 4.2.0 through 4.2.7 and ... |
| N/A | 2025-03-11 | CVE-2024-54018 | cve | Multiple improper neutralization of special elements used in an OS Command vulnerabilities [CWE-78] in FortiSandbox before 4.4.5 allows a privileged attacker to execute unauthor... |
| N/A | 2025-03-11 | CVE-2024-54026 | cve | An improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiSandbox Cloud version 23.4, FortiSandbox at least 4.4.0 throug... |
| N/A | 2025-03-11 | CVE-2024-55590 | cve | Multiple improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiIsolator version 2.4.0 th... |
| N/A | 2025-03-11 | CVE-2024-55592 | cve | An incorrect authorization vulnerability [CWE-863] in FortiSIEM 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 a... |
| N/A | 2025-03-11 | CVE-2024-55597 | cve | A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiWeb versions 7.0.0 through 7.6.0 allows attacker to execute unauthori... |
| N/A | 2025-03-11 | CVE-2025-22454 | cve | Insufficiently restrictive permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges. |
| N/A | 2025-03-11 | CVE-2025-27403 | cve | Ratify is a verification engine as a binary executable and on Kubernetes which enables verification of artifact security metadata and admits for deployment only those that compl... |
| 6.1 | 2025-03-11 | CVE-2024-13413 | cve | The ProductDyno plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘res’ parameter in all versions up to, and including, 1.0.24 due to insufficient inp... |
| N/A | 2025-03-11 | CVE-2024-13574 | cve | The XV Random Quotes WordPress plugin through 1.40 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting wh... |
| N/A | 2025-03-11 | CVE-2024-13580 | cve | The XV Random Quotes WordPress plugin through 1.40 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin reset them... |
| N/A | 2025-03-11 | CVE-2024-13615 | cve | The Social Share Buttons, Social Sharing Icons, Click to Tweet — Social Media Plugin by Social Snap WordPress plugin through 1.3.6 does not sanitise and escape some of its setti... |
| N/A | 2025-03-11 | CVE-2024-13836 | cve | The WP Login Control WordPress plugin through 2.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting w... |
| N/A | 2025-03-11 | CVE-2024-13853 | cve | The SEO Tools WordPress plugin through 4.0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which co... |
| N/A | 2025-03-11 | CVE-2024-13862 | cve | The S3Bubble Media Streaming (AWS|Elementor|YouTube|Vimeo Functionality) WordPress plugin through 8.0 does not sanitise and escape a parameter before outputting it back in the p... |
| N/A | 2025-03-11 | CVE-2024-13864 | cve | The Countdown Timer WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting whic... |
| N/A | 2025-03-11 | CVE-2025-0629 | cve | The Coronavirus (COVID-19) Notice Message WordPress plugin through 1.1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin ... |
| 4.3 | 2025-03-11 | CVE-2024-13228 | cve | The Qubely – Advanced Gutenberg Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.13 via the 'qubely_get... |
| 7.5 | 2025-03-11 | CVE-2025-26702 | cve | Improper Input Validation vulnerability in ZTE GoldenDB allows Input Data Manipulation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.04. |
| Page(s) : 1 ... 127 128 129 130 131 132 133 134 135 136 [137] 138 139 140 141 142 143 144 145 146 147 ... | Result(s) : 312940 |
