| Page(s) : 1 ... 376 377 378 379 380 381 382 383 384 385 [386] 387 388 389 390 391 392 393 394 395 396 ... | Result(s) : 299185 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-04-26 | CVE-2025-46653 | cve | Formidable (aka node-formidable) 2.1.0 through 3.x before 3.5.3 relies on hexoid to prevent guessing of filenames for untrusted executable content; however, hexoid is documented... |
| N/A | 2025-04-26 | CVE-2025-46652 | cve | In IZArc through 4.5, there is a Mark-of-the-Web Bypass Vulnerability. When a user performs an extraction from an archive file that bears Mark-of-the-Web, Mark-of-the-Web is not... |
| N/A | 2025-04-26 | CVE-2025-46646 | cve | In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954. |
| N/A | 2025-04-26 | CVE-2025-3954 | cve | A vulnerability, which was classified as problematic, has been found in ChurchCRM 5.16.0. Affected by this issue is some unknown functionality of the component Referer Handler. ... |
| 4.3 | 2025-04-26 | CVE-2025-3915 | cve | The Aeropage Sync for Airtable plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'aeropageDeletePost' function i... |
| 8.8 | 2025-04-26 | CVE-2025-3914 | cve | The Aeropage Sync for Airtable plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aeropage_media_downloader' func... |
| 8.8 | 2025-04-26 | CVE-2025-3906 | cve | The Integração entre Eduzz e Woocommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wep_opcoes' ... |
| 7.2 | 2025-04-26 | CVE-2025-3491 | cve | The Add custom page template plugin for WordPress is vulnerable to PHP Code Injection leading to Remote Code Execution in all versions up to, and including, 2.0.1 via the '... |
| N/A | 2025-04-26 | CVE-2025-2907 | cve | The Order Delivery Date WordPress plugin before 12.3.1 does not have authorization and CSRF checks when importing settings. Furthermore it also lacks proper checks to only updat... |
| 8 | 2025-04-26 | CVE-2025-2851 | cve | A vulnerability classified as critical has been found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow, GL-AR750 Creta, GL-AR750S-EXT Slate, GL-AX1800 Flint,... |
| 3.5 | 2025-04-26 | CVE-2025-2850 | cve | A vulnerability was found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow, GL-AR750 Creta, GL-AR750S-EXT Slate, GL-AX1800 Flint, GL-AXT1800 Slate AX, GL-B13... |
| N/A | 2025-04-26 | CVE-2025-2811 | cve | A vulnerability was found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow, GL-AR750 Creta, GL-AR750S-EXT Slate, GL-AX1800 Flint, GL-AXT1800 Slate AX, GL-B13... |
| 7.3 | 2025-04-26 | CVE-2025-2801 | cve | The The Create custom forms for WordPress with a smart form plugin for smart businesses plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to... |
| 8.1 | 2025-04-26 | CVE-2025-2105 | cve | The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.8.11 via deserialization of untrusted input from the '... |
| 8.1 | 2025-04-26 | CVE-2025-2101 | cve | The Edumall theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.4 via the 'template' parameter of the 'edumall_laz... |
| 5.4 | 2025-04-26 | CVE-2025-1458 | cve | The Element Pack Addons for Elementor – Free Templates and Widgets for Your WordPress Websites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widg... |
| N/A | 2025-04-26 | CVE-2024-53636 | cve | An arbitrary file upload vulnerability via writefile.php of Serosoft Academia Student Information System (SIS) EagleR-1.0.118 allows attackers to execute arbitrary code via ../ ... |
| 6.5 | 2025-04-26 | CVE-2024-13812 | cve | The The Anps Theme plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.1.1. This is due to the software allowing u... |
| 8.8 | 2025-04-26 | CVE-2024-13808 | cve | The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.4.9 via the custom PHP widget. This is due to... |
| 6.1 | 2025-04-25 | CVE-2025-46618 | cve | In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab |
| Page(s) : 1 ... 376 377 378 379 380 381 382 383 384 385 [386] 387 388 389 390 391 392 393 394 395 396 ... | Result(s) : 299185 |
