| Page(s) : 1 ... 1569 1570 1571 1572 1573 1574 1575 1576 1577 1578 [1579] 1580 1581 1582 1583 1584 1585 1586 1587 1588 1589 ... | Result(s) : 329510 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 6.5 | 2024-12-06 | CVE-2024-11730 | cve | The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the 'sort[]' parameter of the static_data_list AJAX act... |
| N/A | 2024-12-06 | CVE-2024-53907 | cve | An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential de... |
| N/A | 2024-12-06 | CVE-2024-53908 | cve | An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle data... |
| N/A | 2024-12-06 | CVE-2024-10771 | cve | Due to missing input validation during one step of the firmware update process, the product is vulnerable to remote code execution. With network access and the user level ”Servi... |
| N/A | 2024-12-06 | CVE-2024-10772 | cve | Since the firmware update is not validated, an attacker can install modified firmware on the device. This has a high impact on the availabilty, integrity and confidentiality up ... |
| N/A | 2024-12-06 | CVE-2024-10773 | cve | The product is vulnerable to pass-the-hash attacks in combination with hardcoded credentials of hidden user levels. This means that an attacker can log in with the hidden user l... |
| N/A | 2024-12-06 | CVE-2024-10774 | cve | Unauthenticated CROWN APIs allow access to critical functions. This leads to the accessibility of large parts of the web application without authentication. |
| N/A | 2024-12-06 | CVE-2024-10776 | cve | Lua apps can be deployed, removed, started, reloaded or stopped without authorization via AppManager. This allows an attacker to remove legitimate apps creating a DoS attack, re... |
| N/A | 2024-12-06 | CVE-2024-11022 | cve | The authentication process to the web server uses a challenge response procedure which inludes the nonce and additional information. This challenge can be used several times for... |
| 8.1 | 2024-12-06 | CVE-2024-10516 | cve | The Swift Performance Lite plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 2.3.7.1 via the 'ajaxify' function. Thi... |
| 5.4 | 2024-12-06 | CVE-2024-11321 | cve | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hi e-learning Learning Management System (LMS) allows Refl... |
| N/A | 2024-12-06 | CVE-2024-21571 | cve | Snyk has identified a remote code execution (RCE) vulnerability in all versions of Code Agent. The vulnerability enables an attacker to execute arbitrary code within the Code Ag... |
| 6.4 | 2024-12-06 | CVE-2024-4633 | cve | The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘addExtraMimeType’ function in versions up to, and including... |
| N/A | 2024-12-06 | CVE-2024-51615 | cve | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Owen Cutajar & Hyder Jaffari WordPress Auction Plugin allows SQL ... |
| N/A | 2024-12-06 | CVE-2024-51815 | cve | Improper Control of Generation of Code ('Code Injection') vulnerability in WP Sharks s2Member Pro allows Code Injection.This issue affects s2Member Pro: from n/a throu... |
| 9.8 | 2024-12-06 | CVE-2024-52335 | cve | A vulnerability has been identified in syngo.plaza VB30E (All versions < VB30E_HF05). The affected application do not properly sanitize input data before sending it to the SQL s... |
| N/A | 2024-12-06 | CVE-2024-53794 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LOOS,Inc. Arkhe Blocks allows Stored XSS.This issue affects Arkhe... |
| N/A | 2024-12-06 | CVE-2024-53795 | cve | Missing Authorization vulnerability in Andy Moyle Church Admin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Church Admin: from n/a through ... |
| 5.4 | 2024-12-06 | CVE-2024-53796 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themesflat Themesflat Addons For Elementor allows DOM-Based XSS.T... |
| 5.4 | 2024-12-06 | CVE-2024-53797 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder allows Stored XSS.This iss... |
| Page(s) : 1 ... 1569 1570 1571 1572 1573 1574 1575 1576 1577 1578 [1579] 1580 1581 1582 1583 1584 1585 1586 1587 1588 1589 ... | Result(s) : 329510 |
