Page(s) : 1 ... 391 392 393 394 395 396 397 398 399 400 [401] 402 403 404 405 406 407 408 409 410 411 ... Result(s) : 299230

Alerts Feed Alerts

SEVERITY DATE NAME CATEGORIES DETAIL
N/A 2025-04-24 CVE-2025-25777 cve Insecure Direct Object Reference (IDOR) in Codeastro Bus Ticket Booking System v1.0 allows unauthorized access to user profiles. By manipulating the user ID in the URL, an attac...
N/A 2025-04-24 CVE-2025-2558 cve The-wound WordPress theme through 0.0.1 does not validate some parameters before using them to generate paths passed to include function/s, allowing unauthenticated users to per...
6.4 2025-04-24 CVE-2025-2543 cve The Advanced Accordion Gutenberg Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.0.1 due to ...
6.7 2025-04-24 CVE-2025-1976 cve Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privile...
N/A 2025-04-24 CVE-2025-1908 cve An issue has been discovered in GitLab EE/CE that could allow an attacker to track users' browsing activities, potentially leading to full account take-over, affecting all ...
N/A 2025-04-24 CVE-2025-1453 cve The Category Posts Widget WordPress plugin before 4.9.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Store...
7.2 2025-04-24 CVE-2025-1294 cve The eForm - WordPress Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.18.0 due to insufficient input sanit...
4.3 2025-04-24 CVE-2025-1284 cve The Woocommerce Automatic Order Printing | ( Formerly WooCommerce Google Cloud Print) plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up t...
N/A 2025-04-24 CVE-2025-0639 cve An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 bef...
N/A 2025-04-24 CVE-2024-30148 cve Improper access control of endpoint in HCL Leap allows certain admin users to import applications from the server's filesystem.
N/A 2025-04-24 CVE-2024-30147 cve Multiple vectors in HCL Leap allow client-side script injection in the authoring environment and deployed applications.
N/A 2025-04-24 CVE-2024-30127 cve Missing "no cache" headers in HCL Leap permits sensitive data to be cached.
N/A 2025-04-24 CVE-2024-30114 cve Insufficient sanitization in HCL Leap allows client-side script injection in the authoring environment.
N/A 2025-04-24 CVE-2024-30113 cve Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget.
5.3 2025-04-24 CVE-2024-13307 cve The Reales WP - Real Estate WordPress Theme theme for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'reales...
N/A 2025-04-24 CVE-2024-12244 cve An issue has been discovered in access controls could allow users to view certain restricted project information even when related features are disabled in GitLab EE, affecting ...
N/A 2025-04-24 CVE-2023-45720 cve Insufficient default configuration in HCL Leap allows anonymous access to directory information.
N/A 2025-04-24 CVE-2023-37534 cve Insufficient URI protocol whitelist in HCL Leap allows script injection through query parameters.
N/A 2025-04-24 CVE-2023-37516 cve Missing "no cache" headers in HCL Leap permits user directory information to be cached.
N/A 2025-04-24 CVE-2022-44760 cve Unsafe default file type filter policy in HCL Leap allows execution of unsafe JavaScript in deployed applications.