| Page(s) : 1 ... 361 362 363 364 365 366 367 368 369 370 [371] 372 373 374 375 376 377 378 379 380 381 ... | Result(s) : 299128 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 6.1 | 2025-04-29 | CVE-2025-46349 | cve | YesWiki is a wiki system written in PHP. Prior to version 4.5.4, YesWiki is vulnerable to reflected XSS in the file upload form. This vulnerability allows any malicious unauthen... |
| 9.8 | 2025-04-29 | CVE-2025-46348 | cve | YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the request to commence a site backup can be performed and downloaded without authentication. The archives are c... |
| 9.8 | 2025-04-29 | CVE-2025-46347 | cve | YesWiki is a wiki system written in PHP. Prior to version 4.5.4, YesWiki vulnerable to remote code execution. An arbitrary file write can be used to write a file with a PHP exte... |
| 5.4 | 2025-04-29 | CVE-2025-46346 | cve | YesWiki is a wiki system written in PHP. Prior to version 4.5.4, a stored cross-site scripting (XSS) vulnerability was discovered in the application’s comments feature. This iss... |
| N/A | 2025-04-29 | CVE-2025-46344 | cve | The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions starting from 4.0.1 and prior to 4.5.1, do not invoke `.setExpirationTi... |
| 5.4 | 2025-04-29 | CVE-2025-46343 | cve | n8n is a workflow automation platform. Prior to version 1.90.0, n8n is vulnerable to stored cross-site scripting (XSS) through the attachments view endpoint. n8n workflows can s... |
| 6.1 | 2025-04-29 | CVE-2025-46338 | cve | Audiobookshelf is a self-hosted audiobook and podcast server. Prior to version 2.21.0, an improper input handling vulnerability in the `/api/upload` endpoint allows an attacker ... |
| 3.3 | 2025-04-29 | CVE-2025-46330 | cve | libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, incorrectly treat malformed requests that caused the HTTP response status ... |
| 3.3 | 2025-04-29 | CVE-2025-46329 | cve | libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, are vulnerable to local logging of sensitive information. When the logging... |
| N/A | 2025-04-29 | CVE-2025-45956 | cve | A SQL injection vulnerability in manage_damage.php in Sourcecodester Computer Laboratory Management System v1.0 allows an authenticated attacker to execute arbitrary SQL command... |
| N/A | 2025-04-29 | CVE-2025-4095 | cve | Registry Access Management (RAM) is a security feature allowing administrators to restrict access for their developers to only allowed registries. When a MacOS configuration pro... |
| N/A | 2025-04-29 | CVE-2025-4093 | cve | Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been ... |
| N/A | 2025-04-29 | CVE-2025-4092 | cve | Memory safety bugs present in Firefox 137 and Thunderbird 137. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could... |
| N/A | 2025-04-29 | CVE-2025-4091 | cve | Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption and we presume that... |
| N/A | 2025-04-29 | CVE-2025-4090 | cve | A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability affects Firefox < 138 and Thunderbird... |
| N/A | 2025-04-29 | CVE-2025-4089 | cve | Due to insufficient escaping of special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execu... |
| N/A | 2025-04-29 | CVE-2025-4088 | cve | A security vulnerability in Thunderbird allowed malicious sites to use redirects to send credentialed requests to arbitrary endpoints on any site that had invoked the Storage Ac... |
| N/A | 2025-04-29 | CVE-2025-4087 | cve | A vulnerability was identified in Thunderbird where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-... |
| N/A | 2025-04-29 | CVE-2025-4086 | cve | A specially crafted filename containing a large number of encoded newline characters could obscure the file's extension when displayed in the download dialog. *This bug onl... |
| N/A | 2025-04-29 | CVE-2025-4085 | cve | An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privileges. This vulnerability a... |
| Page(s) : 1 ... 361 362 363 364 365 366 367 368 369 370 [371] 372 373 374 375 376 377 378 379 380 381 ... | Result(s) : 299128 |
