| Page(s) : 1 ... 349 350 351 352 353 354 355 356 357 358 [359] 360 361 362 363 364 365 366 367 368 369 ... | Result(s) : 324870 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-05-02 | CVE-2022-49932 | cve | In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace Call kvm_init() only after _all_ se... |
| N/A | 2025-05-02 | CVE-2022-21546 | cve | In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITE_SAME No Data Buffer crash In newer version of the SBC specs, we have a NDOB bit tha... |
| 5.4 | 2025-05-02 | CVE-2024-13858 | cve | The BuddyBoss Platform plugin and BuddyBoss Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘invitee_name’ parameter in all versions up to, and includin... |
| N/A | 2025-05-02 | CVE-2022-49933 | cve | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| N/A | 2025-05-02 | CVE-2025-0782 | cve | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| N/A | 2025-05-02 | VU#360686 | VU-CERT | Digigram PYKO-OUT audio-over-IP (AoIP) does not require a password by default |
| N/A | 2025-05-01 | CVE-2025-47154 | cve | LibJS in Ladybird before f5a6704 mishandles the freeing of the vector that arguments_list references, leading to a use-after-free, and allowing remote attackers to execute arbit... |
| N/A | 2025-05-01 | CVE-2025-47153 | cve | Certain build processes for libuv and Node.js for 32-bit systems, such as for the nodejs binary package through nodejs_20.19.0+dfsg-2_i386.deb for Debian GNU/Linux, have an inco... |
| N/A | 2025-05-01 | CVE-2025-46635 | cve | An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces on the router allows an att... |
| N/A | 2025-05-01 | CVE-2025-46634 | cve | Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an unauthenticated attacker to authenticate to the web ma... |
| N/A | 2025-05-01 | CVE-2025-46633 | cve | Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt traffic between the client and server... |
| N/A | 2025-05-01 | CVE-2025-46632 | cve | Initialization vector (IV) reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an attacker to discern information about or more easily decrypt encrypte... |
| N/A | 2025-05-01 | CVE-2025-46631 | cve | Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable telnet access to the router's OS ... |
| N/A | 2025-05-01 | CVE-2025-46630 | cve | Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable 'ate' (a remote system manag... |
| N/A | 2025-05-01 | CVE-2025-46629 | cve | Lack of access controls in the 'ate' management binary of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to perform unauthorized configuration... |
| N/A | 2025-05-01 | CVE-2025-46628 | cve | Lack of input validation/sanitization in the 'ate' management service in the Tenda RX2 Pro 16.03.30.14 allows an unauthorized remote attacker to gain root shell access... |
| N/A | 2025-05-01 | CVE-2025-46627 | cve | Use of weak credentials in the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated attacker to authenticate to the telnet service by calculating the root password based on easil... |
| N/A | 2025-05-01 | CVE-2025-46626 | cve | Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decryp... |
| N/A | 2025-05-01 | CVE-2025-46625 | cve | Lack of input validation/sanitization in the 'setLanCfg' API endpoint in httpd in the Tenda RX2 Pro 16.03.30.14 allows a remote attacker that is authorized to the web ... |
| N/A | 2025-05-01 | CVE-2025-46569 | cve | Open Policy Agent (OPA) is an open source, general-purpose policy engine. Prior to version 1.4.0, when run as a server, OPA exposes an HTTP Data API for reading and writing docu... |
| Page(s) : 1 ... 349 350 351 352 353 354 355 356 357 358 [359] 360 361 362 363 364 365 366 367 368 369 ... | Result(s) : 324870 |
