| Page(s) : 1 ... 1547 1548 1549 1550 1551 1552 1553 1554 1555 1556 [1557] 1558 1559 1560 1561 1562 1563 1564 1565 1566 1567 ... | Result(s) : 329475 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2024-12-10 | CVE-2024-47582 | cve | Due to missing validation of XML input, an unauthenticated attacker could send malicious input to an endpoint which leads to XML Entity Expansion attack. This causes limited imp... |
| N/A | 2024-12-10 | CVE-2024-47585 | cve | SAP NetWeaver Application Server for ABAP and ABAP Platform allows an authenticated attacker to gain higher access levels than they should have by exploiting improper authorizat... |
| N/A | 2024-12-10 | CVE-2024-54197 | cve | SAP NetWeaver Administrator(System Overview) allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests.... |
| N/A | 2024-12-10 | CVE-2024-54198 | cve | In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can... |
| N/A | 2024-12-10 | CVE-2024-53552 | cve | CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account takeover. |
| N/A | 2024-12-10 | CVE-2024-53919 | cve | An injection vulnerability in Barco ClickShare CX-30/20, C-5/10, and ClickShare Bar Pro and Core models, running firmware before 2.21.1, allows physically proximate attackers or... |
| N/A | 2024-12-10 | CVE-2024-37143 | cve | Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x train) and prior to RCM 3.7.6.0 (for R... |
| N/A | 2024-12-10 | CVE-2024-37144 | cve | Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x train) and prior to RCM 3.7.6.0 (for R... |
| 8.5 | 2024-12-10 | CVE-2024-11205 | cve | The WPForms plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wpforms_is_admin_page' function in versio... |
| N/A | 2024-12-10 | CVE-2024-21542 | cve | Versions of the package luigi before 3.6.0 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) due to improper destination file path validation in the _extr... |
| N/A | 2024-12-10 | CVE-2024-12393 | cve | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Drupal Core allows Cross-Site Scripting (XSS).This issue a... |
| N/A | 2024-12-10 | CVE-2024-55634 | cve | A vulnerability in Drupal Core allows Privilege Escalation.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8. |
| N/A | 2024-12-10 | CVE-2024-55635 | cve | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Drupal Core allows Cross-Site Scripting (XSS).This issue a... |
| N/A | 2024-12-10 | CVE-2024-55636 | cve | Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from... |
| N/A | 2024-12-10 | CVE-2024-55637 | cve | Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from... |
| N/A | 2024-12-10 | CVE-2024-55638 | cve | Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 7.0 before 7.102, from 8.0.0 before 10.2.11, from 10.... |
| 5.4 | 2024-12-10 | CVE-2024-9672 | cve | A reflected cross-site scripting (XSS) vulnerability exists in PaperCut NG/MF. This issue can be used to execute specially created JavaScript payloads in the browser. A user mus... |
| N/A | 2024-12-09 | CVE-2022-29974 | cve | AMI (aka American Megatrends) NTFS driver 1.0.0 (fixed in late 2021 or early 2022) has a buffer overflow. This driver is, for example, used in certain ASUS devices. |
| N/A | 2024-12-09 | CVE-2024-12057 | cve | User credentials (login & password) are inserted into log files when a user tries to authenticate using a version of a Web client that is not compatible with that of the PcVue W... |
| N/A | 2024-12-09 | CVE-2024-46547 | cve | A vulnerability was found in Romain Bourdon Wampserver all versions (discovered in v3.2.3 and v3.2.6) where unauthorized users could access sensitive information due to improper... |
| Page(s) : 1 ... 1547 1548 1549 1550 1551 1552 1553 1554 1555 1556 [1557] 1558 1559 1560 1561 1562 1563 1564 1565 1566 1567 ... | Result(s) : 329475 |
