| Page(s) : 1 ... 175 176 177 178 179 180 181 182 183 184 [185] 186 187 188 189 190 191 192 193 194 195 ... | Result(s) : 298775 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 4.7 | 2025-05-21 | CVE-2025-5013 | cve | A vulnerability, which was classified as problematic, was found in HkCms up to 2.3.2.240702. This affects an unknown part of the file /index.php/search/index.html of the compone... |
| 5.3 | 2025-05-21 | CVE-2021-25254 | cve | Yandex Browser Lite for Android before 21.1.0 allows remote attackers to spoof the address bar. |
| 7.5 | 2025-05-21 | CVE-2021-25255 | cve | Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial of service. |
| 5.4 | 2025-05-21 | CVE-2021-25262 | cve | Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN homograph attack. |
| 9.8 | 2025-05-21 | CVE-2025-4524 | cve | The Madara – Responsive and modern WordPress theme for manga sites theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.2 via the ... |
| 9.8 | 2025-05-21 | CVE-2025-4949 | cve | In Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestParser class used by the repo command and the AmazonS3 class used to implement the experimental amazons3 git... |
| N/A | 2025-05-21 | CVE-2019-16536 | cve | Stack overflow leading to DoS can be triggered by a malicious authenticated client in Clickhouse before 19.14.3.3. |
| N/A | 2025-05-21 | CVE-2025-1712 | cve | Argument injection in special agent configuration in Checkmk |
| 6.1 | 2025-05-21 | CVE-2024-12561 | cve | The Affiliate Sales in Google Analytics and other tools plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.4.9. This is due to insuffici... |
| N/A | 2025-05-21 | CVE-2025-1415 | cve | A low-privileged user is able to obtain information about tasks executed on devices controlled by Proget MDM (Mobile Device Management), as well as details of the devices like t... |
| N/A | 2025-05-21 | CVE-2025-27803 | cve | The devices do not implement any authentication for the web interface or the MQTT server. An attacker who has network access to the device immediately gets administrative access... |
| N/A | 2025-05-21 | CVE-2025-27804 | cve | Several OS command injection vulnerabilities exist in the device firmware in the /var/salia/mqtt.php script. By publishing a specially crafted message to a certain MQTT topic ar... |
| 6.4 | 2025-05-21 | CVE-2025-3750 | cve | The Network Posts Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘post_height’ parameter in all versions up to, and including, 7.7.1 due to i... |
| 6.4 | 2025-05-21 | CVE-2025-3781 | cve | The Raisely Donation Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's raisely_donation_form shortcode in all versions up to, and incl... |
| N/A | 2025-05-21 | CVE-2025-41232 | cve | Spring Security Aspects may not correctly locate method security annotations on private methods. This can cause an authorization bypass. Your application may be affected by thi... |
| N/A | 2025-05-21 | CVE-2025-48413 | cve | The `/etc/passwd` and `/etc/shadow` files reveal hard-coded password hashes for the operating system "root" user. The credentials are shipped with the update files. There is no ... |
| N/A | 2025-05-21 | CVE-2025-48414 | cve | There are several scripts in the web interface that are accessible via undocumented hard-coded credentials. The scripts provide access to additional administrative/debug functio... |
| 5.4 | 2025-05-21 | CVE-2025-4105 | cve | The Splitit plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on several functions in the 'splitIt-flexfields-payment... |
| 6.4 | 2025-05-21 | CVE-2025-4217 | cve | The WP YouTube Video Optimizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ib_youtube' shortcode in all versions up to, an... |
| 6.4 | 2025-05-21 | CVE-2025-4219 | cve | The DPEPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dpe' shortcode in all versions up to, and including, 0.3 due to i... |
| Page(s) : 1 ... 175 176 177 178 179 180 181 182 183 184 [185] 186 187 188 189 190 191 192 193 194 195 ... | Result(s) : 298775 |
