| Page(s) : 1 ... 1546 1547 1548 1549 1550 1551 1552 1553 1554 1555 [1556] 1557 1558 1559 1560 1561 1562 1563 1564 1565 1566 ... | Result(s) : 329475 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.8 | 2024-12-10 | CVE-2024-54095 | cve | A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 10). The affected application is vulnerable to integer underflow vulnerability which can b... |
| N/A | 2024-12-10 | CVE-2024-55586 | cve | Nette Database through 3.2.4 allows SQL injection in certain situations involving an untrusted filter that is directly passed to the where method. NOTE: the vendor's positi... |
| N/A | 2024-12-10 | CVE-2024-5660 | cve | Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 translation on Cortex-A77, Cortex-A78, Cortex-A78C, Cortex-A78AE, Cortex-A710, Cortex-X1, Cortex-X1C, Cortex-X2... |
| 7.7 | 2024-12-10 | CVE-2023-6947 | cve | The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.26. This makes it possible for... |
| N/A | 2024-12-10 | CVE-2024-10708 | cve | The System Dashboard WordPress plugin before 2.8.15 does not validate user input used in a path, which could allow high privilege users such as admin to perform path traversal a... |
| N/A | 2024-12-10 | CVE-2024-11107 | cve | The System Dashboard WordPress plugin before 2.8.15 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to per... |
| N/A | 2024-12-10 | CVE-2024-28138 | cve | An unauthenticated attacker with network access to the affected device's web interface can execute any system command via the "msg_events.php" script as the www-data user. ... |
| N/A | 2024-12-10 | CVE-2024-47946 | cve | If the attacker has access to a valid Poweruser session, remote code execution is possible because specially crafted valid PNG files with injected PHP content can be uploaded as... |
| 6.4 | 2024-12-10 | CVE-2024-11940 | cve | The Property Hive Mortgage Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘price’ parameter in all versions up to, and including, 1.0.6 due... |
| 5.5 | 2024-12-10 | CVE-2024-45709 | cve | SolarWinds Web Help Desk was susceptible to a local file read vulnerability. This vulnerability requires the software be installed on Linux and configured to use non-default de... |
| N/A | 2024-12-10 | CVE-2024-8256 | cve | In Teltonika Networks RUTOS devices, running on versions 7.0 to 7.8 (excluding) and TSWOS devices running on versions 1.0 to 1.3 (excluding), due to incorrect permission handlin... |
| 6.4 | 2024-12-10 | CVE-2024-11945 | cve | The Email Reminders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 2.0.4 due to insufficient inpu... |
| 6.1 | 2024-12-10 | CVE-2024-11973 | cve | The Quran multilanguage Text & Audio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'sourate' and 'lang' parameter in all versi... |
| N/A | 2024-12-10 | CVE-2024-32732 | cve | Under certain conditions SAP BusinessObjects Business Intelligence platform allows an attacker to access information which would otherwise be restricted.This has low impact on C... |
| N/A | 2024-12-10 | CVE-2024-47576 | cve | SAP Product Lifecycle Costing Client (versions below 4.7.1) application loads on demand a DLL that is available with Windows OS. This DLL is loaded from the computer running SAP... |
| N/A | 2024-12-10 | CVE-2024-47577 | cve | Webservice API endpoints for Assisted Service Module within SAP Commerce Cloud has information disclosure vulnerability. When an authorized agent searches for customer to manage... |
| N/A | 2024-12-10 | CVE-2024-47578 | cve | Adobe Document Service allows an attacker with administrator privileges to send a crafted request from a vulnerable web application. It is usually used to target internal system... |
| N/A | 2024-12-10 | CVE-2024-47579 | cve | An attacker authenticated as an administrator can use an exposed webservice to upload or download a custom PDF font file on the system server. Using the upload functionality to... |
| N/A | 2024-12-10 | CVE-2024-47580 | cve | An attacker authenticated as an administrator can use an exposed webservice to create a PDF with an embedded attachment. By specifying the file to be an internal server file an... |
| N/A | 2024-12-10 | CVE-2024-47581 | cve | SAP HCM Approve Timesheets Version 4 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.There is low im... |
| Page(s) : 1 ... 1546 1547 1548 1549 1550 1551 1552 1553 1554 1555 [1556] 1557 1558 1559 1560 1561 1562 1563 1564 1565 1566 ... | Result(s) : 329475 |
