| Page(s) : 1 ... 1443 1444 1445 1446 1447 1448 1449 1450 1451 1452 [1453] 1454 1455 1456 1457 1458 1459 1460 1461 1462 1463 ... | Result(s) : 328775 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2024-12-18 | CVE-2024-56057 | cve | Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a before 1.9.9.5.2. |
| N/A | 2024-12-18 | CVE-2024-12741 | cve | A deserialization of untrusted data vulnerability exists in NI DAQExpress that may result in remote code execution. Successful exploitation requires an attacker to get a user to... |
| N/A | 2024-12-18 | CVE-2024-36694 | cve | OpenCart 4.0.2.3 is vulnerable to Server-Side Template Injection (SSTI) via the Theme Editor Function. |
| N/A | 2024-12-18 | CVE-2024-49363 | cve | Misskey is an open source, federated social media platform. In affected versions FileServerService (media proxy) in github.com/misskey-dev/misskey 2024.10.1 or earlier did not d... |
| 6.5 | 2024-12-18 | CVE-2024-51470 | cve | IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authentica... |
| N/A | 2024-12-18 | CVE-2024-52579 | cve | Misskey is an open source, federated social media platform. Some APIs using `HttpRequestService` do not properly check the target host. This vulnerability allows an attacker to ... |
| N/A | 2024-12-18 | CVE-2024-52590 | cve | Misskey is an open source, federated social media platform. In affected versions missing validation in `ApRequestService.signedGet` allows an attacker to create fake user profil... |
| N/A | 2024-12-18 | CVE-2024-52591 | cve | Misskey is an open source, federated social media platform. In affected versions missing validation in `ApRequestService.signedGet` and `HttpRequestService.getActivityJson` allo... |
| N/A | 2024-12-18 | CVE-2024-52592 | cve | Misskey is an open source, federated social media platform. In affected versions missing validation in `ApInboxService.update` allows an attacker to modify the result of polls b... |
| N/A | 2024-12-18 | CVE-2024-52593 | cve | Misskey is an open source, federated social media platform.In affected versions missing validation in `NoteCreateService.insertNote`, `ApPersonService.createPerson`, and `ApPers... |
| N/A | 2024-12-18 | CVE-2024-53269 | cve | Envoy is a cloud-native high-performance edge/middle/service proxy. When additional address are not ip addresses, then the Happy Eyeballs sorting algorithm will crash in data pl... |
| N/A | 2024-12-18 | CVE-2024-53270 | cve | Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions `sendOverloadError` is going to assume the active request exists when `envoy.load_shed_p... |
| N/A | 2024-12-18 | CVE-2024-53271 | cve | Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions envoy does not properly handle http 1.1 non-101 1xx responses. This can lead to downstr... |
| 7.2 | 2024-12-18 | CVE-2024-12686 | cve | A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject comma... |
| N/A | 2024-12-18 | CVE-2024-45338 | cve | An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a de... |
| N/A | 2024-12-18 | CVE-2024-56140 | cve | Astro is a web framework for content-driven websites. In affected versions a bug in Astro’s CSRF-protection middleware allows requests to bypass CSRF checks. When the `security.... |
| 9.8 | 2024-12-18 | CVE-2024-56145 | cve | Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Users of affected versions are affected by this vulnerability if their php.... |
| 8.8 | 2024-12-18 | CVE-2024-12692 | cve | Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severi... |
| 8.8 | 2024-12-18 | CVE-2024-12693 | cve | Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromiu... |
| 8.8 | 2024-12-18 | CVE-2024-12694 | cve | Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium securi... |
| Page(s) : 1 ... 1443 1444 1445 1446 1447 1448 1449 1450 1451 1452 [1453] 1454 1455 1456 1457 1458 1459 1460 1461 1462 1463 ... | Result(s) : 328775 |
