| Page(s) : 1 ... 371 372 373 374 375 376 377 378 379 380 [381] 382 383 384 385 386 387 388 389 390 391 ... | Result(s) : 299173 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-04-28 | CVE-2025-32470 | cve | A remote unauthenticated attacker may be able to change the IP adress of the device, and therefore affecting the availability of the device. |
| 7.8 | 2025-04-28 | CVE-2025-3224 | cve | A vulnerability in the update process of Docker Desktop for Windows versions prior to 4.41.0 could allow a local, low-privileged attacker to escalate privileges to SYSTEM. Durin... |
| 9.1 | 2025-04-28 | CVE-2025-3200 | cve | An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and... |
| 9.8 | 2025-04-28 | CVE-2025-31651 | cve | Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule configurations, it was possible for a specia... |
| 7.5 | 2025-04-28 | CVE-2025-31650 | cve | Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request w... |
| N/A | 2025-04-28 | CVE-2025-31144 | cve | Quick Agent V3 and Quick Agent V2 contain an issue with improper restriction of communication channel to intended endpoints. If exploited, a remote unauthenticated attacker may ... |
| N/A | 2025-04-28 | CVE-2025-27937 | cve | Quick Agent V3 and Quick Agent V2 contain an issue with improper limitation of a pathname to a restricted directory ('Path Traversal'). If exploited, an arbitrary file... |
| N/A | 2025-04-28 | CVE-2025-26692 | cve | Quick Agent V3 and Quick Agent V2 contain an issue with improper limitation of a pathname to a restricted directory ('Path Traversal'). If exploited, arbitrary code ma... |
| N/A | 2025-04-28 | CVE-2025-25776 | cve | Cross-Site Scripting (XSS) vulnerability exists in the User Registration and User Profile features of Codeastro Bus Ticket Booking System v1.0 allows an attacker to execute arbi... |
| 3.4 | 2025-04-28 | CVE-2025-23377 | cve | Dell PowerProtect Data Manager Reporting, version(s) 19.17, 19.18 contain(s) an Improper Encoding or Escaping of Output vulnerability. A high privileged attacker with local acce... |
| 4.4 | 2025-04-28 | CVE-2025-23376 | cve | Dell PowerProtect Data Manager Reporting, version(s) 19.16, 19.17, 19.18, contain(s) an Improper Neutralization of Special Elements Used in a Template Engine vulnerability. A hi... |
| 7.8 | 2025-04-28 | CVE-2025-23375 | cve | Dell PowerProtect Data Manager Reporting, version(s) 19.17, contain(s) an Incorrect Use of Privileged APIs vulnerability. A low privileged attacker with local access could poten... |
| N/A | 2025-04-28 | CVE-2025-22235 | cve | EndpointRequest.to() creates a matcher for null/** if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. Your application may be... |
| N/A | 2025-04-28 | CVE-2025-0627 | cve | The WordPress Tag, Category, and Taxonomy Manager WordPress plugin before 3.30.0 does not sanitise and escape some of its Widgets settings, which could allow high privilege use... |
| 4.3 | 2025-04-28 | CVE-2025-0049 | cve | When a Web User without Create permission on subfolders attempts to upload a file to a non-existent directory, the error message includes the absolute server path which may allo... |
| N/A | 2025-04-28 | CVE-2024-9771 | cve | The WP-Recall WordPress plugin before 16.26.12 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-S... |
| 9.8 | 2025-04-28 | CVE-2024-32499 | cve | Newforma Project Center Server through 2023.3.0.32259 allows remote code execution because .NET Remoting is exposed. |
| N/A | 2025-04-28 | CVE-2024-13688 | cve | The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 uses a hardcoded password in its Password Protection feature, allowing attacker to bypass the protection off... |
| N/A | 2025-04-28 | CVE-2024-12706 | cve | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenText™ Digital Asset Management. T he vulnerability could all... |
| 5.4 | 2025-04-28 | CVE-2024-11922 | cve | Missing input validation in certain features of the Web Client of Fortra's GoAnywhere prior to version 7.8.0 allows an attacker with permission to trigger emails to insert ... |
| Page(s) : 1 ... 371 372 373 374 375 376 377 378 379 380 [381] 382 383 384 385 386 387 388 389 390 391 ... | Result(s) : 299173 |
