Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 315 316 317 318 319 320 321 322 323 324 [325] 326 327 328 329 330 331 332 333 334 335 ... Result(s) : 299062

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
N/A 2025-05-05 CVE-2025-46340 cve Misskey is an open source, federated social media platform. Starting in version 12.0.0 and prior to version 2025.4.1, due to an oversight in the validation performed in `UrlPrev...
5.4 2025-05-05 CVE-2025-46335 cve Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile. A Stored Cross-Site Scripting (XSS) vulnerability h...
6.1 2025-05-05 CVE-2025-45751 cve SourceCodester Web Based Pharmacy Product Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in add-admin.php via the Fullname text field.
N/A 2025-05-05 CVE-2025-45618 cve Incorrect access control in the component /admin/sys/datasource/ajaxList of jeeweb-mybatis-springboot v0.0.1.RELEASE allows attackers to access sensitive information via a craft...
N/A 2025-05-05 CVE-2025-45617 cve Incorrect access control in the component /user/list of production_ssm v0.0.1-SNAPSHOT allows attackers to access sensitive information via a crafted payload.
N/A 2025-05-05 CVE-2025-45616 cve Incorrect access control in the /admin/** API of brcc v1.2.0 allows attackers to gain access to Admin rights via a crafted request.
N/A 2025-05-05 CVE-2025-45615 cve Incorrect access control in the /admin/ API of yaoqishan v0.0.1-SNAPSHOT allows attackers to gain access to Admin rights via a crafted request.
N/A 2025-05-05 CVE-2025-45614 cve Incorrect access control in the component /api/user/manager of One v1.0 allows attackers to access sensitive information via a crafted payload.
N/A 2025-05-05 CVE-2025-45613 cve Incorrect access control in the component /user/list of Shiro-Action v0.6 allows attackers to access sensitive information via a crafted payload.
N/A 2025-05-05 CVE-2025-45612 cve Incorrect access control in xmall v1.1 allows attackers to bypass authentication via a crafted GET request to /index.
N/A 2025-05-05 CVE-2025-45611 cve Incorrect access control in the /user/edit/ component of hope-boot v1.0.0 allows attackers to bypass authentication via a crafted GET request.
N/A 2025-05-05 CVE-2025-45610 cve Incorrect access control in the component /scheduleLog/info/1 of PassJava-Platform v3.0.0 allows attackers to access sensitive information via a crafted payload.
N/A 2025-05-05 CVE-2025-45609 cve Incorrect access control in the doFilter function of kob latest v1.0.0-SNAPSHOT allows attackers to access sensitive information via a crafted payload.
N/A 2025-05-05 CVE-2025-45608 cve Incorrect access control in the /system/user/findUserList API of Xinguan v0.0.1-SNAPSHOT allows attackers to access sensitive information via a crafted payload.
N/A 2025-05-05 CVE-2025-45607 cve An issue in the component /manage/ of itranswarp v2.19 allows attackers to bypass authentication via a crafted request.
8.8 2025-05-05 CVE-2025-45322 cve kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in osms/Requester/CheckStatus.php via the checkid parameter.
8.8 2025-05-05 CVE-2025-45321 cve kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in /osms/Requester/Requesterchangepass.php via the parameter: rPassword.
5.3 2025-05-05 CVE-2025-45320 cve A Directory Listing Vulnerability was found in the /osms/Requester/ directory of the Kashipara Online Service Management Portal V1.0.
N/A 2025-05-05 CVE-2025-45242 cve Rhymix v2.1.22 was discovered to contain an arbitrary file deletion vulnerability via the procFileAdminEditImage method in /file/file.admin.controller.php.
N/A 2025-05-05 CVE-2025-45240 cve foxcms v1.2.5 was discovered to contain a SQL injection vulnerability via the executeCommand method in DataBackup.php.
Page(s) : 1 ... 315 316 317 318 319 320 321 322 323 324 [325] 326 327 328 329 330 331 332 333 334 335 ... Result(s) : 299062