| Page(s) : 1 ... 325 326 327 328 329 330 331 332 333 334 [335] 336 337 338 339 340 341 342 343 344 345 ... | Result(s) : 324821 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2025-05-06 | CVE-2025-4300 | cve | A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Affected is an unknown function of the file /search_list.php. The manipulati... |
| 9.8 | 2025-05-06 | CVE-2025-4299 | cve | A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been rated as critical. This issue affects the function setSchedWifi of the file /goform/openSchedWifi. The m... |
| 9.8 | 2025-05-06 | CVE-2025-4298 | cve | A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been declared as critical. This vulnerability affects the function formSetCfm of the file /goform/setcfm. The... |
| 9.8 | 2025-05-06 | CVE-2025-40625 | cve | Unrestricted file upload in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to upload any file within the server, even a malicious file to obtain a R... |
| 9.8 | 2025-05-06 | CVE-2025-40624 | cve | SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the datab... |
| 9.8 | 2025-05-06 | CVE-2025-40623 | cve | SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the datab... |
| 9.8 | 2025-05-06 | CVE-2025-40622 | cve | SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the datab... |
| 9.8 | 2025-05-06 | CVE-2025-40621 | cve | SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the datab... |
| 9.8 | 2025-05-06 | CVE-2025-40620 | cve | SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the datab... |
| N/A | 2025-05-06 | CVE-2025-4041 | cve | In Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, an attacker could connect with the device's ssh server and utilize the system's components to perfor... |
| 6.4 | 2025-05-06 | CVE-2025-3782 | cve | The Cision Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 4.3.0 due to insufficient input s... |
| N/A | 2025-05-06 | CVE-2025-37730 | cve | Improper certificate validation in Logstash's TCP output could lead to a man-in-the-middle (MitM) attack in “client” mode, as hostname verification in TCP output was not be... |
| 8.8 | 2025-05-06 | CVE-2025-3610 | cve | The Reales WP STPT plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.1.2. This is due to the plugin not pro... |
| 5.3 | 2025-05-06 | CVE-2025-3609 | cve | The Reales WP STPT plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 2.1.2. This is due to the 'reales_user_signup_... |
| 5.3 | 2025-05-06 | CVE-2025-3281 | cve | The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Insecure Direct Object Reference in all version... |
| N/A | 2025-05-06 | CVE-2025-32022 | cve | Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, ... |
| 5.4 | 2025-05-06 | CVE-2025-3020 | cve | An low privileged remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into several fields of the configuration webpage with limited impact. |
| N/A | 2025-05-06 | CVE-2025-30165 | cve | vLLM is an inference and serving engine for large language models. In a multi-node vLLM deployment using the V0 engine, vLLM uses ZeroMQ for some multi-node communication purpos... |
| 8.8 | 2025-05-06 | CVE-2025-2898 | cve | IBM Maximo Application Suite 9.0 could allow an attacker with some level of access to elevate their privileges due to a security configuration vulnerability in Role-Based Access... |
| 7.3 | 2025-05-06 | CVE-2025-2802 | cve | The LayoutBoxx plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 0.3.1. This is due to the software allowing users to exe... |
| Page(s) : 1 ... 325 326 327 328 329 330 331 332 333 334 [335] 336 337 338 339 340 341 342 343 344 345 ... | Result(s) : 324821 |
