| Page(s) : 1 ... 1378 1379 1380 1381 1382 1383 1384 1385 1386 1387 [1388] 1389 1390 1391 1392 1393 1394 1395 1396 1397 1398 ... | Result(s) : 328383 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.8 | 2024-12-30 | CVE-2024-13049 | cve | Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected install... |
| 7.8 | 2024-12-30 | CVE-2024-13050 | cve | Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on a... |
| 7.8 | 2024-12-30 | CVE-2024-13051 | cve | Ashlar-Vellum Graphite VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on a... |
| N/A | 2024-12-30 | CVE-2024-13058 | cve | An issue exists in SoftIron HyperCloud where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the ba... |
| N/A | 2024-12-30 | CVE-2024-50701 | cve | TeamPass before 3.1.3.1, when retrieving information about access rights for a folder, does not properly check whether a folder is in a user's allowed folders list that has... |
| N/A | 2024-12-30 | CVE-2024-50702 | cve | TeamPass before 3.1.3.1 does not properly check whether a mail_me (aka action_mail) operation is on behalf of an administrator or manager. |
| N/A | 2024-12-30 | CVE-2024-50703 | cve | TeamPass before 3.1.3.1 does not properly prevent a user from acting with the privileges of a different user_id. |
| N/A | 2024-12-30 | CVE-2024-12754 | cve | AnyDesk Link Following Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of AnyDesk. An... |
| N/A | 2024-12-30 | CVE-2024-12828 | cve | Webmin CGI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Webmin. Authe... |
| N/A | 2024-12-30 | CVE-2024-12834 | cve | Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affecte... |
| N/A | 2024-12-30 | CVE-2024-12835 | cve | Delta Electronics DRASimuCAD ICS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on af... |
| N/A | 2024-12-30 | CVE-2024-12836 | cve | Delta Electronics DRASimuCAD STP File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affecte... |
| N/A | 2024-12-30 | CVE-2024-52294 | cve | Khoj is a self-hostable artificial intelligence app. Prior to version 1.29.10, an Insecure Direct Object Reference (IDOR) vulnerability in the update_subscription endpoint allow... |
| N/A | 2024-12-30 | CVE-2024-56516 | cve | free-one-api allows users to access large language model reverse engineering libraries through the standard OpenAI API format. In versions up to and including 1.0.1, MD5 is used... |
| N/A | 2024-12-30 | CVE-2024-56517 | cve | LGSL (Live Game Server List) provides online status lists for online video games. Versions up to and including 6.2.1 contain a reflected cross-site scripting vulnerability in th... |
| N/A | 2024-12-30 | CVE-2024-56733 | cve | Password Pusher is an open source application to communicate sensitive information over the web. A vulnerability has been reported in versions 1.50.3 and prior where an attacker... |
| N/A | 2024-12-30 | CVE-2024-56734 | cve | Better Auth is an authentication library for TypeScript. An open redirect vulnerability has been identified in the verify email endpoint of all versions of Better Auth prior to ... |
| N/A | 2024-12-30 | CVE-2024-46542 | cve | Veritas / Arctera Data Insight before 7.1.1 allows Application Administrators to conduct SQL injection attacks. |
| N/A | 2024-12-30 | CVE-2024-12993 | cve | Infinix devices contain a pre-loaded "com.rlk.weathers" application, that exposes an unsecured content provider. An attacker can communicate with the provider and reveal the use... |
| N/A | 2024-12-30 | CVE-2024-10044 | cve | A Server-Side Request Forgery (SSRF) vulnerability exists in the POST /worker_generate_stream API endpoint of the Controller API Server in lm-sys/fastchat, as of commit e208d567... |
| Page(s) : 1 ... 1378 1379 1380 1381 1382 1383 1384 1385 1386 1387 [1388] 1389 1390 1391 1392 1393 1394 1395 1396 1397 1398 ... | Result(s) : 328383 |
