| Page(s) : 1 ... 176 177 178 179 180 181 182 183 184 185 [186] 187 188 189 190 191 192 193 194 195 196 ... | Result(s) : 298775 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 6.4 | 2025-05-21 | CVE-2025-4221 | cve | The Animated Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'auto-downloader' shortcode in all versions up to, and inc... |
| 6.4 | 2025-05-21 | CVE-2025-4611 | cve | The Slim SEO – Fast & Automated WordPress SEO Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slim_seo_breadcrumbs shortcode in al... |
| 7.2 | 2025-05-21 | CVE-2025-4803 | cve | The Glossary by WPPedia – Best Glossary plugin for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.0 via deseriali... |
| N/A | 2025-05-21 | CVE-2025-1416 | cve | In Proget MDM, a low-privileged user can retrieve passwords for managed devices and subsequently use functionalities restricted by the MDM (Mobile Device Management). For it to ... |
| N/A | 2025-05-21 | CVE-2025-1417 | cve | In Proget MDM, a low-privileged user can access information about changes contained in backups of all devices managed by the MDM (Mobile Device Management). This information inc... |
| N/A | 2025-05-21 | CVE-2025-1418 | cve | A low-privileged user can access information about profiles created in Proget MDM (Mobile Device Management), which contain details about allowed/prohibited functions. The profi... |
| N/A | 2025-05-21 | CVE-2025-1419 | cve | Input provided in comment section of Konsola Proget is not sanitized correctly, allowing a high-privileged user to perform a Stored Cross-Site Scripting attack. This issue has... |
| N/A | 2025-05-21 | CVE-2025-1420 | cve | Input provided in a field containing "activationMessage" in Konsola Proget is not sanitized correctly, allowing a high-privileged user to perform a Stored Cross-Site Scripting a... |
| N/A | 2025-05-21 | CVE-2025-1421 | cve | Data provided in a request performed to the server while activating a new device are put in a database. Other high privileged users might download this data as a CSV file and co... |
| N/A | 2025-05-21 | CVE-2025-40775 | cve | When an incoming DNS protocol message includes a Transaction Signature (TSIG), BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immedia... |
| N/A | 2025-05-21 | CVE-2025-48415 | cve | A USB backdoor feature can be triggered by attaching a USB drive that contains specially crafted "salia.ini" files. The .ini file can contain several "commands" that could be ex... |
| N/A | 2025-05-21 | CVE-2025-48416 | cve | An OpenSSH daemon listens on TCP port 22. There is a hard-coded entry in the "/etc/shadow" file in the firmware image for the "root" user. However, in the default SSH configurat... |
| N/A | 2025-05-21 | CVE-2025-48417 | cve | The certificate and private key used for providing transport layer security for connections to the web interface (TCP port 443) is hard-coded in the firmware and are shipped wit... |
| N/A | 2025-05-21 | CVE-2024-42922 | cve | AAPanel v7.0.7 was discovered to contain an OS command injection vulnerability. |
| N/A | 2025-05-21 | CVE-2024-56429 | cve | itech iLabClient 3.7.1 relies on the hard-coded YngAYdgAE/kKZYu2F2wm6w== key (found in iLabClient.jar) for local users to read or write to the database. |
| N/A | 2025-05-21 | CVE-2025-44892 | cve | FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ownekey parameter in the web_rmon_alarm_post_rmon_alarm function. |
| N/A | 2025-05-21 | CVE-2025-44895 | cve | FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ipv4Aclkey parameter in the web_acl_ipv4BasedAceAdd function. |
| N/A | 2025-05-21 | CVE-2024-23337 | cve | jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limi... |
| 5.4 | 2025-05-21 | CVE-2025-5029 | cve | A vulnerability has been found in Kingdee Cloud Galaxy Private Cloud BBC System up to 9.0 Patch April 2025 and classified as critical. Affected by this vulnerability is the func... |
| N/A | 2025-05-21 | CVE-2025-27997 | cve | An issue in Blizzard Battle.net v2.40.0.15267 allows attackers to escalate privileges via placing a crafted shell script or executable into the C:\ProgramData directory. |
| Page(s) : 1 ... 176 177 178 179 180 181 182 183 184 185 [186] 187 188 189 190 191 192 193 194 195 196 ... | Result(s) : 298775 |
