| Page(s) : 1 ... 1530 1531 1532 1533 1534 1535 1536 1537 1538 1539 [1540] 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 ... | Result(s) : 329471 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.8 | 2024-12-12 | CVE-2024-54529 | cve | A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to execute arbitrary c... |
| 5.5 | 2024-12-12 | CVE-2024-54531 | cve | The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2. An app may be able to bypass kASLR. |
| 9.8 | 2024-12-12 | CVE-2024-54534 | cve | The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. P... |
| N/A | 2024-12-12 | CVE-2024-55652 | cve | PenDoc is a penetration testing reporting application. Prior to commit 1d4219c596f4f518798492e48386a20c6e9a2fe6, an attacker can write a malicious docx template containing expre... |
| 7.5 | 2024-12-12 | CVE-2024-55657 | cve | SiYuan is a personal knowledge management system. Prior to version 3.1.16, an arbitrary file read vulnerability exists in Siyuan's `/api/template/render` endpoint. The abse... |
| 7.5 | 2024-12-12 | CVE-2024-55658 | cve | SiYuan is a personal knowledge management system. Prior to version 3.1.16, SiYuan's /api/export/exportResources endpoint is vulnerable to arbitary file read via path traver... |
| 5.4 | 2024-12-12 | CVE-2024-55659 | cve | SiYuan is a personal knowledge management system. Prior to version 3.1.16, the `/api/asset/upload` endpoint in Siyuan is vulnerable to both arbitrary file write to the host and ... |
| 9.8 | 2024-12-12 | CVE-2024-55660 | cve | SiYuan is a personal knowledge management system. Prior to version 3.1.16, SiYuan's `/api/template/renderSprig` endpoint is vulnerable to Server-Side Template Injection (SS... |
| 8.1 | 2024-12-12 | CVE-2024-10111 | cve | The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.26.3. This is due to insufficie... |
| 9.8 | 2024-12-12 | CVE-2024-11015 | cve | The Sign In With Google plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.8.0. This is due to the 'authenticate_user'... |
| 6.1 | 2024-12-12 | CVE-2024-11279 | cve | The Schema App Structured Data plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in al... |
| 6.4 | 2024-12-12 | CVE-2024-11413 | cve | The HostFact bestelformulier integratie plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bestelformulier' shortcode in all vers... |
| 6.1 | 2024-12-12 | CVE-2024-11417 | cve | The dejure.org Vernetzungsfunktion plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.97.5. This is due to missing or incor... |
| 6.1 | 2024-12-12 | CVE-2024-11419 | cve | The Password for WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3. This is due to missing or incorrect nonce validat... |
| 6.4 | 2024-12-12 | CVE-2024-11427 | cve | The Catch Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'catch-popup' shortcode in all versions up to, and including, 1... |
| 6.5 | 2024-12-12 | CVE-2024-11430 | cve | The SQL Chart Builder plugin for WordPress is vulnerable to SQL Injection via the 'arg1' arg of the 'gvn_schart_2' shortcode in all versions up to, and inclu... |
| 6.4 | 2024-12-12 | CVE-2024-11433 | cve | The Surbma | SalesAutopilot Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sa-form' shortcode in all versions up to... |
| 6.4 | 2024-12-12 | CVE-2024-11442 | cve | The Horizontal scroll image slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'horizontal-scroll-image-slideshow' short... |
| 8.8 | 2024-12-12 | CVE-2024-11443 | cve | The de:branding plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the debranding... |
| 6.1 | 2024-12-12 | CVE-2024-11683 | cve | The Newsletter Subscriptions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'token_type' parameter in all versions up to, and including, ... |
| Page(s) : 1 ... 1530 1531 1532 1533 1534 1535 1536 1537 1538 1539 [1540] 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 ... | Result(s) : 329471 |
