| Page(s) : 1 ... 319 320 321 322 323 324 325 326 327 328 [329] 330 331 332 333 334 335 336 337 338 339 ... | Result(s) : 299062 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-05-05 | CVE-2025-29573 | cve | Cross-Site Scripting (XSS) vulnerability exists in Mezzanine CMS 6.0.0 in the "View Entries" feature within the Forms module. |
| N/A | 2025-05-05 | CVE-2025-2905 | cve | An XML External Entity (XXE) vulnerability exists in the gateway component of WSO2 API Manager due to insufficient validation of XML input in crafted URL paths. User-supplied XM... |
| N/A | 2025-05-05 | CVE-2025-28168 | cve | The Multiple File Upload add-on component 3.1.0 for OutSystems is vulnerable to Unrestricted File Upload. This occurs because file extension and size validations are enforced so... |
| N/A | 2025-05-05 | CVE-2025-28062 | cve | A Cross-Site Request Forgery (CSRF) vulnerability was discovered in ERPNEXT 14.82.1 and 14.74.3. The vulnerability allows an attacker to perform unauthorized actions such as use... |
| N/A | 2025-05-05 | CVE-2025-27921 | cve | A reflected cross-site scripting (XSS) vulnerability was discovered in Output Messenger before 2.0.63, where unsanitized input could be injected into the web application’s respo... |
| N/A | 2025-05-05 | CVE-2025-26241 | cve | A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket |
| N/A | 2025-05-05 | CVE-2025-25504 | cve | An issue in the /usr/local/bin/jncs.sh script of Gefen WebFWC (In AV over IP products) v1.85h, v1.86v, and v1.70 allows attackers with network access to connect to the device ov... |
| N/A | 2025-05-05 | CVE-2025-2545 | cve | Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES (3DES) cryptographic algorithm is used to protect emails sent with S/... |
| 7 | 2025-05-05 | CVE-2025-20671 | cve | In thermal, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the Syste... |
| 5.7 | 2025-05-05 | CVE-2025-20670 | cve | In Modem, there is a possible permission bypass due to improper certificate validation. This could lead to remote information disclosure, if a UE has connected to a rogue base s... |
| 7.8 | 2025-05-05 | CVE-2025-20668 | cve | In scp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the Sys... |
| 7.5 | 2025-05-05 | CVE-2025-20667 | cve | In Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure, if a UE has connected to a rogue base sta... |
| 7.5 | 2025-05-05 | CVE-2025-20666 | cve | In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by... |
| 5.5 | 2025-05-05 | CVE-2025-20665 | cve | In devinfo, there is a possible information disclosure due to a missing SELinux policy. This could lead to local information disclosure of device identifier with no additional e... |
| 5.3 | 2025-05-05 | CVE-2025-1992 | cve | IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user, under non default configurat... |
| 9.8 | 2025-05-05 | CVE-2025-1909 | cve | The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01. This is due to insufficient verification on the ... |
| N/A | 2025-05-05 | CVE-2025-1493 | cve | IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 12.1.0 through 12.1.1 could allow an authenticated user to cause a denial of service due to concurrent ex... |
| 6.5 | 2025-05-05 | CVE-2025-1000 | cve | IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user to cause a denial of servic... |
| 6.5 | 2025-05-05 | CVE-2025-0915 | cve | IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 under specific configurations could allow an authenticated ... |
| N/A | 2025-05-05 | CVE-2025-0217 | cve | BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A local authenticated attacker can view the connection details... |
| Page(s) : 1 ... 319 320 321 322 323 324 325 326 327 328 [329] 330 331 332 333 334 335 336 337 338 339 ... | Result(s) : 299062 |
