| Page(s) : 1 ... 141 142 143 144 145 146 147 148 149 150 [151] 152 153 154 155 156 157 158 159 160 161 ... | Result(s) : 324460 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 8.8 | 2025-05-30 | CVE-2025-48936 | cve | Zitadel is open-source identity infrastructure software. Prior to versions 2.70.12, 2.71.10, and 3.2.2, a potential vulnerability exists in the password reset mechanism. ZITADEL... |
| 5.4 | 2025-05-30 | CVE-2025-4943 | cve | The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-lakit-element-link’ parameter in all versions up to, and ... |
| 4.3 | 2025-05-30 | CVE-2025-4431 | cve | The Featured Image Plus – Quick & Bulk Edit with Unsplash plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fip_sa... |
| 5.4 | 2025-05-30 | CVE-2025-5236 | cve | The NinjaTeam Chat for Telegram plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘username’ parameter in all versions up to, and including, 1.1 due to i... |
| 4.3 | 2025-05-30 | CVE-2025-48334 | cve | Missing Authorization vulnerability in BinaryCarpenter Woo Slider Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woo Slider Pro: ... |
| 6.5 | 2025-05-30 | CVE-2025-48912 | cve | An authenticated malicious actor using specially crafted requests could bypass row level security configuration by injecting SQL into 'sqlExpression' fields. This allo... |
| N/A | 2025-05-30 | CVE-2025-4633 | cve | Default credentials were present in the web portal for Airpointer 2.4.107-2, allowing an unauthenticated malicious actor to log in via the web portal |
| N/A | 2025-05-30 | CVE-2025-4634 | cve | The web portal on airpointer 2.4.107-2 was vulnerable local file inclusion. A malicious user with administrative privileges in the web portal would be able to manipulate request... |
| N/A | 2025-05-30 | CVE-2025-4635 | cve | A malicious user with administrative privileges in the web portal would be able to manipulate the Diagnostics module to obtain remote code execution on the local device as a low... |
| N/A | 2025-05-30 | CVE-2025-4636 | cve | Due to excessive privileges granted to the web user running the airpointer web platform, a malicious actor that gains control of the this user would be able to privilege escalat... |
| N/A | 2025-05-30 | CVE-2025-1907 | cve | Instantel Micromate lacks authentication on a configuration port which could allow an attacker to execute commands if connected. |
| N/A | 2025-05-30 | CVE-2025-41438 | cve | The CS5000 Fire Panel is vulnerable due to a default account that exists on the panel. Even though it is possible to change this by SSHing into the device, it has remained unc... |
| N/A | 2025-05-30 | CVE-2025-46352 | cve | The CS5000 Fire Panel is vulnerable due to a hard-coded password that runs on a VNC server and is visible as a string in the binary responsible for running VNC. This password ... |
| N/A | 2025-05-30 | CVE-2020-36846 | cve | A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library. Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli librar... |
| N/A | 2025-05-30 | CVE-2024-12224 | cve | Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might trea... |
| N/A | 2025-05-30 | CVE-2025-44612 | cve | Tinxy WiFi Lock Controller v1 RF was discovered to transmit sensitive information in plaintext, including control information and device credentials, allowing attackers to possi... |
| N/A | 2025-05-30 | CVE-2025-44614 | cve | Tinxy WiFi Lock Controller v1 RF was discovered to store users' sensitive information, including credentials and mobile phone numbers, in plaintext. |
| N/A | 2025-05-30 | CVE-2025-44619 | cve | Tinxy WiFi Lock Controller v1 RF was discovered to be configured to transmit on an open Wi-Fi network, allowing attackers to join the network without authentication. |
| N/A | 2025-05-30 | CVE-2025-48757 | cve | An insufficient database Row-Level Security policy in Lovable through 2025-04-15 allows remote unauthenticated attackers to read or write to arbitrary database tables of generat... |
| N/A | 2025-05-30 | CVE-2025-44904 | cve | hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function. |
| Page(s) : 1 ... 141 142 143 144 145 146 147 148 149 150 [151] 152 153 154 155 156 157 158 159 160 161 ... | Result(s) : 324460 |
