| Page(s) : 1 ... 249 250 251 252 253 254 255 256 257 258 [259] 260 261 262 263 264 265 266 267 268 269 ... | Result(s) : 298997 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 8.8 | 2025-05-13 | CVE-2025-4473 | cve | The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the ajax_request() function in versions 1.0 to 2.2.7. This... |
| N/A | 2025-05-13 | CVE-2025-44039 | cve | CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain insecure protections for its UART console. This vulnerability allows local attackers to connect to t... |
| 7.5 | 2025-05-13 | CVE-2025-4396 | cve | The Relevanssi – A Better Search plugin for WordPress is vulnerable to time-based SQL Injection via the cats and tags query parameters in all versions up to, and including, 4.24... |
| 7.8 | 2025-05-13 | CVE-2025-43557 | cve | Animate versions 24.0.8, 23.0.11 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the... |
| 7.8 | 2025-05-13 | CVE-2025-43556 | cve | Animate versions 24.0.8, 23.0.11 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the ... |
| 7.8 | 2025-05-13 | CVE-2025-43555 | cve | Animate versions 24.0.8, 23.0.11 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context... |
| 7.8 | 2025-05-13 | CVE-2025-43547 | cve | Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the cu... |
| 7.8 | 2025-05-13 | CVE-2025-43546 | cve | Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context o... |
| 7.8 | 2025-05-13 | CVE-2025-43545 | cve | Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the c... |
| 4.3 | 2025-05-13 | CVE-2025-4339 | cve | The TheGem theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxApi() function in all versions up to, and includin... |
| 8.8 | 2025-05-13 | CVE-2025-4317 | cve | The TheGem theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the thegem_get_logo_url() function in all versions up to, and inclu... |
| 7.7 | 2025-05-13 | CVE-2025-43011 | cve | Under certain conditions, SAP Landscape Transformation's PCL Basis module does not perform the necessary authorization checks, allowing authenticated users to access restri... |
| 8.3 | 2025-05-13 | CVE-2025-43010 | cve | SAP S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL)) allows an authenticated attacker with SAP standard authorization to execute a certain function modu... |
| 6.3 | 2025-05-13 | CVE-2025-43009 | cve | SAP Service Parts Management (SPM) does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on... |
| 5.8 | 2025-05-13 | CVE-2025-43008 | cve | Due to missing authorization check, an unauthorized user can view the files of other company. This might lead to disclosure of personal data of employees. There is no impact on ... |
| 6.3 | 2025-05-13 | CVE-2025-43007 | cve | SAP Service Parts Management (SPM) does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on... |
| 6.1 | 2025-05-13 | CVE-2025-43006 | cve | SAP Supplier Relationship Management (Master Data Management Catalogue) allows an unauthenticated attacker to execute malicious scripts in the application, potentially leading t... |
| 4.3 | 2025-05-13 | CVE-2025-43005 | cve | SAP GUI for Windows allows an unauthenticated attacker to exploit insecure obfuscation algorithms used by the GuiXT application to store user credentials. While this issue does ... |
| 5.3 | 2025-05-13 | CVE-2025-43004 | cve | Due to a security misconfiguration vulnerability, customers can develop Production Operator Dashboards (PODs) that enable outside users to access customer data when they access ... |
| 6.4 | 2025-05-13 | CVE-2025-43003 | cve | SAP S/4 HANA allows an authenticated attacker with user privileges to configure a field not intended for their access and create a custom UI layout displaying this field. On per... |
| Page(s) : 1 ... 249 250 251 252 253 254 255 256 257 258 [259] 260 261 262 263 264 265 266 267 268 269 ... | Result(s) : 298997 |
