Page(s) : 1 ... 141 142 143 144 145 146 147 148 149 150 [151] 152 153 154 155 156 157 158 159 160 161 ... | Result(s) : 298704 |
Alerts
SCORE | DATE | NAME | CATEGORIES | DETAIL |
---|---|---|---|---|
N/A | 2025-05-28 | CVE-2024-47056 | cve | Summary: This advisory addresses a security vulnerability in Mautic where sensitive .env configuration files may be directly accessible via a web browser. This exposure could lead... |
7.8 | 2025-05-28 | CVE-2025-32801 | cve | Kea configuration and API directives can be used to load a malicious hook library. Many common configurations run Kea as root, leave the API entry points unsecured by default, ... |
6.1 | 2025-05-28 | CVE-2025-32802 | cve | Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to Kea. Many common configurations run Kea as root, leave the API ... |
N/A | 2025-05-28 | CVE-2025-36572 | cve | Dell PowerStore, version(s) 4.0.0.0, contain(s) a Use of Hard-coded Credentials vulnerability in the PowerStore image file. A low privileged attacker with remote access, with t... |
N/A | 2025-05-28 | CVE-2025-48746 | cve | Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11.1.25134.03 lacks Authentication for a Critical Function. |
N/A | 2025-05-28 | CVE-2025-48925 | cve | The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do MD5 hashing, and then accepts the hash as the authentication credential, as ex... |
N/A | 2025-05-28 | CVE-2025-48926 | cve | The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses, passwords, and telephone numbers, as exploited in the wil... |
N/A | 2025-05-28 | CVE-2025-48927 | cve | The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025. |
N/A | 2025-05-28 | CVE-2025-48928 | cve | The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent ove... |
N/A | 2025-05-28 | CVE-2025-48929 | cve | The TeleMessage service through 2025-05-05 implements authentication through a long-lived credential (e.g., not a token with a short expiration time) that can be reused at a lat... |
N/A | 2025-05-28 | CVE-2025-48930 | cve | The TeleMessage service through 2025-05-05 stores certain cleartext information in memory, even though memory content may be accessible to an adversary through various avenues, ... |
N/A | 2025-05-28 | CVE-2025-48931 | cve | The TeleMessage service through 2025-05-05 relies on MD5 for password hashing, which opens up various attack possibilities (including rainbow tables) with low computational effort. |
N/A | 2025-05-28 | CVE-2025-5257 | cve | Summary: This advisory addresses a security vulnerability in Mautic where unpublished page previews could be accessed by unauthenticated users and potentially indexed by search en... |
N/A | 2025-05-28 | CVE-2025-1753 | cve | LLama-Index CLI version v0.12.20 contains an OS command injection vulnerability. The vulnerability arises from the improper handling of the `--files` argument, which is directly... |
6.4 | 2025-05-28 | CVE-2025-4963 | cve | The WP Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.0.15 due to insufficient input san... |
N/A | 2025-05-28 | CVE-2025-40673 | cve | A Missing Authorization vulnerability has been found in DinoRANK. This vulnerability allows an attacker to access invoices of any user via accessing endpoint '/facturas/Y... |
7.3 | 2025-05-28 | CVE-2025-5295 | cve | A vulnerability classified as critical was found in FreeFloat FTP Server 1.0.0. This vulnerability affects unknown code of the component PORT Command Handler. The manipulation l... |
N/A | 2025-05-28 | CVE-2025-3864 | cve | Hackney fails to properly release HTTP connections to the pool after handling 307 Temporary Redirect responses. Remote attackers can exploit this to exhaust connection pools, ca... |
6.6 | 2025-05-28 | CVE-2025-5297 | cve | A vulnerability, which was classified as critical, has been found in SourceCodester Computer Store System 1.0. This issue affects the function Add of the file main.c. The manipu... |
9.8 | 2025-05-28 | CVE-2025-5298 | cve | A vulnerability, which was classified as critical, was found in Campcodes Online Hospital Management System 1.0. Affected is an unknown function of the file /admin/betweendates-... |