| Page(s) : 1 ... 130 131 132 133 134 135 136 137 138 139 [140] 141 142 143 144 145 146 147 148 149 150 ... | Result(s) : 298695 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-05-29 | CVE-2025-48390 | cve | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.178, FreeScout is vulnerable to code injection due to insufficient validation of user input in... |
| 9.8 | 2025-05-29 | CVE-2025-48471 | cve | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.179, the application does not check or performs insufficient checking of files uploaded to the... |
| 8.1 | 2025-05-29 | CVE-2025-48472 | cve | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.179, there is no check to ensure that the user is disabling notifications for the mailbox to w... |
| N/A | 2025-05-29 | CVE-2025-48473 | cve | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.179, when creating a conversation from a message in another conversation, there is no check to... |
| N/A | 2025-05-29 | CVE-2025-48474 | cve | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application incorrectly checks user access rights for conversations. Users with show_... |
| N/A | 2025-05-29 | CVE-2024-51392 | cve | An issue in OpenKnowledgeMaps Headstart v7 allows a remote attacker to escalate privileges via the url parameter of the getPDF.php component |
| N/A | 2025-05-29 | CVE-2025-46570 | cve | vLLM is an inference and serving engine for large language models (LLMs). Prior to version 0.9.0, when a new prompt is processed, if the PageAttention mechanism finds a matching... |
| N/A | 2025-05-29 | CVE-2025-46722 | cve | vLLM is an inference and serving engine for large language models (LLMs). In versions starting from 0.7.0 to before 0.9.0, in the file vllm/multimodal/hasher.py, the MultiModalH... |
| N/A | 2025-05-29 | CVE-2025-48475 | cve | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the System does not provide a check on which "clients" of the System an authorized user c... |
| N/A | 2025-05-29 | CVE-2025-48388 | cve | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.178, the application performs insufficient validation of user-supplied data, which is used as ... |
| N/A | 2025-05-29 | CVE-2025-48045 | cve | An unauthenticated HTTP GET request to the /client.php endpoint will disclose the default administrator user credentials. |
| N/A | 2025-05-29 | CVE-2025-48046 | cve | An authenticated user can disclose the cleartext password of a configured SMTP server via an HTTP GET request to the /config.php endpoint. |
| N/A | 2025-05-29 | CVE-2025-48047 | cve | An authenticated user can perform command injection via unsanitized input to the NetFax Server’s ping functionality via the /test.php endpoint. |
| N/A | 2025-05-29 | CVE-2025-3755 | cve | Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote unauthentica... |
| 5.4 | 2025-05-29 | CVE-2025-4583 | cve | The Smash Balloon Social Photo Feed – Easy Social Feeds Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-plugin` attribute in all versions ... |
| N/A | 2025-05-29 | CVE-2025-5273 | cve | All versions of the package mcp-markdownify-server are vulnerable to Files or Directories Accessible to External Parties via the get-markdown-file tool. An attacker can craft a ... |
| N/A | 2025-05-29 | CVE-2025-5276 | cve | All versions of the package mcp-markdownify-server are vulnerable to Server-Side Request Forgery (SSRF) via the Markdownify.get() function. An attacker can craft a prompt that, ... |
| N/A | 2025-05-29 | CVE-2024-52588 | cve | Strapi is an open-source content management system. Prior to version 4.25.2, inputting a local domain into the Webhooks URL field leads to the application fetching itself, resul... |
| N/A | 2025-05-29 | CVE-2025-27151 | cve | Redis is an open source, in-memory database that persists on disk. In versions starting from 7.0.0 to before 8.0.2, a stack-based buffer overflow exists in redis-check-aof due t... |
| 6.4 | 2025-05-29 | CVE-2025-4670 | cve | The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's edd_receipt s... |
| Page(s) : 1 ... 130 131 132 133 134 135 136 137 138 139 [140] 141 142 143 144 145 146 147 148 149 150 ... | Result(s) : 298695 |
