| Page(s) : 1 ... 11 12 13 14 15 16 17 18 19 20 [21] 22 23 24 25 26 27 28 29 30 31 ... | Result(s) : 97066 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 8.1 | 2025-05-30 | CVE-2025-48477 | cve | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application's logic requires the user to perform a correct sequence of actions t... |
| 7.2 | 2025-05-30 | CVE-2025-41385 | cve | An OS Command Injection issue exists in wivia 5 all versions. If this vulnerability is exploited, an arbitrary OS command may be executed by a logged-in administrative user. |
| 7.5 | 2025-05-30 | CVE-2025-47697 | cve | Client-side enforcement of server-side security issue exists in wivia 5 all versions. If exploited, an unauthenticated attacker may bypass authentication and operate the affecte... |
| 8.8 | 2025-05-30 | CVE-2025-48492 | cve | GetSimple CMS is a content management system. In versions starting from 3.3.16 to 3.3.21, an authenticated user with access to the Edit component can inject arbitrary PHP into a... |
| 8.8 | 2025-05-30 | CVE-2025-48936 | cve | Zitadel is open-source identity infrastructure software. Prior to versions 2.70.12, 2.71.10, and 3.2.2, a potential vulnerability exists in the password reset mechanism. ZITADEL... |
| 8.8 | 2025-05-30 | CVE-2024-12224 | cve | Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might trea... |
| 7.5 | 2025-05-29 | CVE-2024-49350 | cve | IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 is vulnerable to a denial of service a... |
| 7.5 | 2025-05-29 | CVE-2025-2518 | cve | IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 is vulnerable to a denial of service as the server may crash ... |
| 8.8 | 2025-05-29 | CVE-2025-5327 | cve | A vulnerability was found in chshcms mccms 2.7. It has been classified as critical. This affects the function index of the file sys/apps/controllers/api/Gf.php. The manipulation... |
| 8.8 | 2025-05-29 | CVE-2025-5328 | cve | A vulnerability was found in chshcms mccms 2.7. It has been declared as critical. This vulnerability affects the function restore_del of the file /sys/apps/controllers/admin/Bac... |
| 8.1 | 2025-05-29 | CVE-2025-48472 | cve | FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.179, there is no check to ensure that the user is disabling notifications for the mailbox to w... |
| 7.3 | 2025-05-29 | CVE-2025-46722 | cve | vLLM is an inference and serving engine for large language models (LLMs). In versions starting from 0.7.0 to before 0.9.0, in the file vllm/multimodal/hasher.py, the MultiModalH... |
| 7.5 | 2025-05-29 | CVE-2024-52588 | cve | Strapi is an open-source content management system. Prior to version 4.25.2, inputting a local domain into the Webhooks URL field leads to the application fetching itself, resul... |
| 7.5 | 2025-05-28 | CVE-2024-38341 | cve | IBM Sterling Secure Proxy 6.0.0.0 through 6.0.3.1, 6.1.0.0 through 6.1.0.0, and 6.2.0.0 through 6.2.0.1 uses weaker than expected cryptographic algorithms that could allow an at... |
| 7.5 | 2025-05-28 | CVE-2024-51453 | cve | IBM Sterling Secure Proxy 6.2.0.0 through 6.2.0.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request con... |
| 7.8 | 2025-05-28 | CVE-2025-32801 | cve | Kea configuration and API directives can be used to load a malicious hook library. Many common configurations run Kea as root, leave the API entry points unsecured by default, ... |
| 7.3 | 2025-05-28 | CVE-2025-5299 | cve | A vulnerability was found in SourceCodester Client Database Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /user_or... |
| 8.8 | 2025-05-28 | CVE-2025-4800 | cve | The MasterStudy LMS Pro plugin for WordPress is vulnerable to arbitrary file uploads due to a missing file type validation in the stm_lms_add_assignment_attachment function in a... |
| 7.2 | 2025-05-28 | CVE-2025-22252 | cve | A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager version 7.2.5, and FortiOS versions 7.4.4 through 7.4.6 an... |
| 7.8 | 2025-05-28 | CVE-2025-25251 | cve | An Incorrect Authorization vulnerability [CWE-863] in FortiClient Mac 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 may allow a local attacker to escalate privi... |
| Page(s) : 1 ... 11 12 13 14 15 16 17 18 19 20 [21] 22 23 24 25 26 27 28 29 30 31 ... | Result(s) : 97066 |
