| Page(s) : 1 ... 1427 1428 1429 1430 1431 1432 1433 1434 1435 1436 [1437] 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 ... | Result(s) : 328771 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2024-12-24 | CVE-2024-53241 | cve | In the Linux kernel, the following vulnerability has been resolved: x86/xen: don't do PV iret hypercall through hypercall page Instead of jumping to the Xen hypercall pag... |
| 6.4 | 2024-12-24 | CVE-2024-8721 | cve | The Tracking Code Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the tracking code field in all versions up to, and including, 2.3.0 due to insuff... |
| N/A | 2024-12-24 | CVE-2024-12582 | cve | A flaw was found in the skupper console, a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a... |
| N/A | 2024-12-24 | CVE-2024-47515 | cve | A vulnerability was found in Pagure. Support of symbolic links during repository archiving of repositories allows the disclosure of local files. This flaw allows a malicious use... |
| N/A | 2024-12-24 | CVE-2024-9427 | cve | A vulnerability in Koji was found. An unsanitized input allows for an XSS attack. Javascript code from a malicious link could be reflected in the resulting web page. It is not e... |
| 6.5 | 2024-12-24 | CVE-2024-12266 | cve | The ELEX WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the elex_dp_export_rule... |
| 6.4 | 2024-12-24 | CVE-2024-12507 | cve | The Optio Dentistry plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'optio-lightbox' shortcode in all versions up to, and inclu... |
| 6.4 | 2024-12-24 | CVE-2024-12518 | cve | The ShMapper by Teplitsa plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shmMap' shortcode in all versions up to, and includin... |
| 5.4 | 2024-12-24 | CVE-2024-12617 | cve | The WC Price History for Omnibus plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX actions in all versions up to, and i... |
| 6.1 | 2024-12-24 | CVE-2024-12710 | cve | The WP-Appbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 4.5.3 due to insuffic... |
| N/A | 2024-12-23 | CVE-2018-25106 | cve | A vulnerability, which was classified as critical, has been found in webuidesigning NebulaX Theme up to 5.0 on WordPress. This issue affects the function nebula_send_to_hubspot ... |
| 8.1 | 2024-12-23 | CVE-2024-53961 | cve | ColdFusion versions 2023.11, 2021.17 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that c... |
| N/A | 2024-12-23 | CVE-2024-23945 | cve | Signing cookies is an application security feature that adds a digital signature to cookie data to verify its authenticity and integrity. The signature helps prevent malicious a... |
| 8.8 | 2024-12-23 | CVE-2024-45387 | cve | An SQL injection vulnerability in Traffic Ops in Apache Traffic Control = 8.0.0 allows a privileged user with role "admin", "federation", "operations", "portal", or "steering" t... |
| N/A | 2024-12-23 | CVE-2024-53256 | cve | Rizin is a UNIX-like reverse engineering framework and command-line toolset. `rizin.c` still had an old snippet of code which suffered a command injection due the usage of `rz_c... |
| N/A | 2024-12-23 | CVE-2024-54148 | cve | Gogs is an open source self-hosted Git service. A malicious user is able to commit and edit a crafted symlink file to a repository to gain SSH access to the server. The vulnerab... |
| 8.8 | 2024-12-23 | CVE-2024-55947 | cve | Gogs is an open source self-hosted Git service. A malicious user is able to write a file to an arbitrary path on the server to gain SSH access to the server. The vulnerability i... |
| N/A | 2024-12-23 | CVE-2024-56201 | cve | Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filenam... |
| N/A | 2024-12-23 | CVE-2024-56326 | cve | Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the co... |
| N/A | 2024-12-23 | CVE-2024-56364 | cve | SimpleXLSX is software for parsing and retrieving data from Excel XLSx files. Starting in 1.0.12 and ending in 1.1.13, when calling the extended toHTMLEx method, it is possible ... |
| Page(s) : 1 ... 1427 1428 1429 1430 1431 1432 1433 1434 1435 1436 [1437] 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 ... | Result(s) : 328771 |
