| Page(s) : 1 ... 382 383 384 385 386 387 388 389 390 391 [392] 393 394 395 396 397 398 399 400 401 402 ... | Result(s) : 299230 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 10 | 2025-04-25 | CVE-2025-32432 | cve | Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Starting from version 3.0.0-RC1 to before 3.9.15, 4.0.0-RC1 to before 4.14.... |
| N/A | 2025-04-25 | CVE-2025-32045 | cve | A flaw has been identified in Moodle where insufficient capability checks in certain grade reports allowed users without the necessary permissions to access hidden grades. |
| N/A | 2025-04-25 | CVE-2025-32044 | cve | A flaw has been identified in Moodle where, on certain sites, unauthenticated users could retrieve sensitive user data—including names, contact information, and hashed passwords... |
| 5.5 | 2025-04-25 | CVE-2025-2986 | cve | IBM Maximo Asset Management 7.6.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI th... |
| N/A | 2025-04-25 | CVE-2025-28354 | cve | An issue in the Printer Manager Systm of Entrust Corp Printer Manager D3.18.4-3 and below allows attackers to execute a directory traversal via a crafted POST request. |
| N/A | 2025-04-25 | CVE-2025-28128 | cve | An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP verification process via a crafted request. |
| N/A | 2025-04-25 | CVE-2025-28076 | cve | Multiple SQL injection vulnerabilities in EasyVirt DCScope |
| 4.9 | 2025-04-25 | CVE-2025-2580 | cve | The Contact Form by Bit Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.18.3 due to insuffici... |
| N/A | 2025-04-25 | CVE-2025-25775 | cve | Codeastro Bus Ticket Booking System v1.0 is vulnerable to SQL injection via the kodetiket parameter in /BusTicket-CI/tiket/cekorder. |
| 9.8 | 2025-04-25 | CVE-2025-2470 | cve | The Service Finder Bookings plugin for WordPress, used by the Service Finder - Directory and Job Board WordPress Theme, is vulnerable to privilege escalation in all versions up ... |
| 8.8 | 2025-04-25 | CVE-2025-2238 | cve | The Vikinger theme for WordPress is vulnerable to privilege in all versions up to, and including, 1.9.30. This is due to insufficient user_meta restrictions in the 'vikinge... |
| N/A | 2025-04-25 | CVE-2025-2185 | cve | ALBEDO Telecom Net.Time - PTP/NTP clock (Serial No. NBC0081P) software release 1.4.4 is vulnerable to an insufficient session expiration vulnerability, which could permit an at... |
| 5 | 2025-04-25 | CVE-2025-2070 | cve | An improper XML parsing vulnerability was reported in the FileZ client that could allow arbitrary file reads on the system if a crafted url is visited by a local user. |
| 5 | 2025-04-25 | CVE-2025-2069 | cve | A cross-site scripting vulnerability was reported in the FileZ client that could allow execution of code if a crafted url is visited by a local user. |
| 5 | 2025-04-25 | CVE-2025-2068 | cve | An open redirect vulnerability was reported in the FileZ client that could allow information disclosure if a crafted url is visited by a local user. |
| 7.5 | 2025-04-25 | CVE-2025-1565 | cve | The Mayosis Core plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.4.1 via the library/wave-audio/peaks/remote_dl.php file. This ... |
| 8.8 | 2025-04-25 | CVE-2025-1279 | cve | The BM Content Builder plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ux_... |
| N/A | 2025-04-25 | CVE-2025-0671 | cve | The Icegram Express WordPress plugin before 5.7.50 does not sanitise and escape some of its Template settings, which could allow high privilege users such as admin to perform S... |
| N/A | 2025-04-25 | CVE-2024-6199 | cve | An unauthenticated attacker on the WAN interface, with the ability to intercept Dynamic DNS (DDNS) traffic between DDNS services and the modem, could manipulate specific respons... |
| N/A | 2025-04-25 | CVE-2024-6198 | cve | The device exposes a web interface on ports TCP/3030 and TCP/9882. This web service runs lighttpd, which implements the “SNORE” interface. This interface is affected by a stack ... |
| Page(s) : 1 ... 382 383 384 385 386 387 388 389 390 391 [392] 393 394 395 396 397 398 399 400 401 402 ... | Result(s) : 299230 |
