| Page(s) : 1 ... 1533 1534 1535 1536 1537 1538 1539 1540 1541 1542 [1543] 1544 1545 1546 1547 1548 1549 1550 1551 1552 1553 ... | Result(s) : 329471 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.3 | 2024-12-11 | CVE-2024-11008 | cve | The Members – Membership & User Role Editor Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.10 via the Word... |
| 7.1 | 2024-12-11 | CVE-2024-11840 | cve | The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on... |
| 5.3 | 2024-12-11 | CVE-2024-12294 | cve | The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.1 via the 'get_legacy_coo... |
| 6.1 | 2024-12-11 | CVE-2024-12325 | cve | The Waymark plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘content’ parameter in all versions up to, and including, 1.4.1 due to insufficient inpu... |
| 6.5 | 2024-12-11 | CVE-2023-23472 | cve | IBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an authenticated user to obtain sensitive information that could aid in further attacks a... |
| 5.3 | 2024-12-11 | CVE-2024-11351 | cve | The Restrict – membership, site, content and user access restrictions for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, a... |
| 4.3 | 2024-12-11 | CVE-2024-51460 | cve | IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information when a detailed technical error message is returned in a stack trace. Th... |
| N/A | 2024-12-11 | VU#164934 | VU-CERT | PDQ Deploy allows reuse of deleted credentials that can compromise a device and facilitate lateral movement |
| N/A | 2024-12-11 | CVE-2024-11053 | cve | When asked to both use a `.netrc` file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain c... |
| 6.7 | 2024-12-11 | CVE-2024-52537 | cve | Dell Client Platform Firmware Update Utility contains an Improper Link Resolution vulnerability. A high privileged attacker with local access could potentially exploit this vuln... |
| 7 | 2024-12-11 | CVE-2024-53289 | cve | Dell ThinOS version 2408 contains a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this v... |
| 8.4 | 2024-12-11 | CVE-2024-53290 | cve | Dell ThinOS version 2408 contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. An unauthenticated attacker wit... |
| 6.7 | 2024-12-11 | CVE-2024-53292 | cve | Dell VxVerify, versions prior to x.40.405, contain a Plain-text Password Storage Vulnerability in the shell wrapper. A local high privileged attacker could potentially exploit t... |
| N/A | 2024-12-11 | CVE-2024-10511 | cve | CWE-287: Improper Authentication vulnerability exists that could cause Denial of access to the web interface when someone on the local network repeatedly requests the /accessden... |
| 6.1 | 2024-12-11 | CVE-2024-12004 | cve | The WPC Order Notes for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.2. This is due to missing or incor... |
| 6.1 | 2024-12-11 | CVE-2024-12283 | cve | The WP Pipes plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘x1’ parameter in all versions up to, and including, 1.4.1 due to insufficient input sa... |
| N/A | 2024-12-11 | CVE-2024-11401 | cve | Rapid7 Insight Platform versions prior to November 13th 2024, suffer from a privilege escalation vulnerability whereby, due to a lack of authorization checks, an attacker can su... |
| N/A | 2024-12-11 | CVE-2024-11737 | cve | CWE-20: Improper Input Validation vulnerability exists that could lead to a denial of service and a loss of confidentiality, integrity of the controller when an unauthenticated ... |
| N/A | 2024-12-11 | CVE-2024-12363 | cve | Insufficient permissions in the TeamViewer Patch & Asset Management component prior to version 24.12 on Windows allows a local authenticated user to delete arbitrary files. Team... |
| N/A | 2024-12-11 | CVE-2024-54269 | cve | Missing Authorization vulnerability in Ninja Team Notibar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notibar: from n/a through 2.... |
| Page(s) : 1 ... 1533 1534 1535 1536 1537 1538 1539 1540 1541 1542 [1543] 1544 1545 1546 1547 1548 1549 1550 1551 1552 1553 ... | Result(s) : 329471 |
