| Page(s) : 1 ... 1452 1453 1454 1455 1456 1457 1458 1459 1460 1461 [1462] 1463 1464 1465 1466 1467 1468 1469 1470 1471 1472 ... | Result(s) : 328932 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2024-12-18 | CVE-2024-55505 | cve | An issue in CodeAstro Complaint Management System v.1.0 allows a remote attacker to escalate privileges via the mess-view.php component. |
| 4.4 | 2024-12-18 | CVE-2023-50956 | cve | IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 could allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in cle... |
| N/A | 2024-12-18 | CVE-2024-12371 | cve | A device takeover vulnerability exists in the Rockwell Automation Power Monitor 1000. This vulnerability allows configuration of a new Policyholder user without any authenticati... |
| N/A | 2024-12-18 | CVE-2024-12372 | cve | A denial-of-service and possible remote code execution vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in corruption of the heap me... |
| N/A | 2024-12-18 | CVE-2024-12373 | cve | A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer-overflow, potentially causing denial-of-service. |
| 5.9 | 2024-12-18 | CVE-2024-47119 | cve | IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity by interfering in ... |
| N/A | 2024-12-18 | CVE-2024-47810 | cve | A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a 3D page object. A specially crafted Javascript code inside a malicious PDF document can tr... |
| N/A | 2024-12-18 | CVE-2024-49576 | cve | A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a checkbox CBF_Widget object. A specially crafted Javascript code inside a malicious PDF doc... |
| 5.7 | 2024-12-18 | CVE-2024-52361 | cve | IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 stores user credentials in plain text which can be read by an authenticated user with access to the pod. |
| 6.1 | 2024-12-18 | CVE-2024-25042 | cve | IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is potentially vulnerable to Cross Site Scripting (XSS). A remote attacker could execute malicious comma... |
| 6.1 | 2024-12-18 | CVE-2024-41752 | cve | IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, woul... |
| 5.2 | 2024-12-18 | CVE-2024-45082 | cve | IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a ... |
| N/A | 2024-12-18 | CVE-2024-55086 | cve | In the GetSimple CMS CE 3.3.19 management page, Server-Side Request Forgery (SSRF) can be achieved in the plug-in download address in the backend management system. |
| N/A | 2024-12-18 | CVE-2024-55492 | cve | Winmail Server 4.4 is vulnerable to f_user=%22%3E%3Csvg%20onload Cross Site Scripting (XSS). |
| N/A | 2024-12-18 | CVE-2024-55088 | cve | GetSimple CMS CE 3.3.19 is vulnerable to Server-Side Request Forgery (SSRF) in the backend plugin module. |
| N/A | 2024-12-18 | CVE-2024-55089 | cve | Rhymix 2.1.19 is vulnerable to Server-Side Request Forgery (SSRF) in the background import data function. |
| 6.8 | 2024-12-18 | CVE-2024-47104 | cve | IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical file. A user with authority to a view can alter the based-on physical file secu... |
| 5.3 | 2024-12-18 | CVE-2024-11291 | cve | The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all ... |
| 7.5 | 2024-12-18 | CVE-2024-11912 | cve | The Travel Booking WordPress Theme theme for WordPress is vulnerable to blind time-based SQL Injection via the ‘order_id’ parameter in all versions up to, and including, 3.1.6 d... |
| 6.5 | 2024-12-18 | CVE-2024-11926 | cve | The Travel Booking WordPress Theme theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '__stPartnerCreateService... |
| Page(s) : 1 ... 1452 1453 1454 1455 1456 1457 1458 1459 1460 1461 [1462] 1463 1464 1465 1466 1467 1468 1469 1470 1471 1472 ... | Result(s) : 328932 |
