| Page(s) : 1 ... 1455 1456 1457 1458 1459 1460 1461 1462 1463 1464 [1465] 1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 ... | Result(s) : 328946 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2024-12-18 | CVE-2024-56173 | cve | In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under specific conditions: XSS from JavaScr... |
| N/A | 2024-12-18 | CVE-2024-56174 | cve | In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under specific conditions: XSS from client-... |
| N/A | 2024-12-18 | CVE-2024-56175 | cve | In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under specific conditions: XSS from client-... |
| 5.3 | 2024-12-18 | CVE-2024-11295 | cve | The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.29 via the WordPress core searc... |
| 9.8 | 2024-12-18 | CVE-2024-12287 | cve | The Biagiotti Membership plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.0.2. This is due to the plugin not properly verifyin... |
| N/A | 2024-12-18 | CVE-2024-1610 | cve | In OPPO Store APP, there's a possible escalation of privilege due to improper input validation. |
| N/A | 2024-12-18 | CVE-2024-39703 | cve | In ThreatQuotient ThreatQ before 5.29.3, authenticated users are able to execute arbitrary commands by sending a crafted request to an API endpoint. |
| N/A | 2024-12-18 | CVE-2024-47397 | cve | Weak authentication issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier. If this vulnerability is exploited, the authen... |
| N/A | 2024-12-18 | CVE-2024-53688 | cve | Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE fir... |
| N/A | 2024-12-18 | CVE-2024-54457 | cve | Inclusion of undocumented features or chicken bits issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier, which may allow... |
| N/A | 2024-12-18 | CVE-2024-11614 | cve | An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor... |
| 4.3 | 2024-12-18 | CVE-2024-12340 | cve | The Animation Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.6 via the 'render' fu... |
| 6.1 | 2024-12-18 | CVE-2024-12454 | cve | The Affiliate Program Suite — SliceWP Affiliates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.23. This is due to mi... |
| 5.4 | 2024-12-18 | CVE-2024-12554 | cve | The Peter’s Custom Anti-Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.3. This is due to missing nonce validatio... |
| 6.4 | 2024-12-18 | CVE-2024-11439 | cve | The ScanCircle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'scancircle' shortcode in all versions up to, and including, 2.9... |
| 6.4 | 2024-12-18 | CVE-2024-11748 | cve | The Taeggie Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'taeggie-feed' shortcode in all versions up to, and including,... |
| 6.4 | 2024-12-18 | CVE-2024-11881 | cve | The Easy Waveform Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'easywaveformplayer' shortcode in all versions up to, ... |
| 6.4 | 2024-12-18 | CVE-2024-12500 | cve | The Philantro – Donations and Donor Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes like 'donate' in all ... |
| 6.4 | 2024-12-18 | CVE-2024-12513 | cve | The Contests by Rewards Fuel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'RF_CONTEST' shortcode in all versions up to, and ... |
| 7.8 | 2024-12-18 | CVE-2024-47480 | cve | Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution Before File Access vulnerability. A low-privilege attacker with local access may ... |
| Page(s) : 1 ... 1455 1456 1457 1458 1459 1460 1461 1462 1463 1464 [1465] 1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 ... | Result(s) : 328946 |
