| Page(s) : 1 ... 392 393 394 395 396 397 398 399 400 401 [402] 403 404 405 406 407 408 409 410 411 412 ... | Result(s) : 299257 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-04-24 | CVE-2025-29568 | cve | A vulnerability has been discovered in the code-projects Online Class and Exam Scheduling System 1.0. The issue affects some unknown features in the file /Scheduling/pages/class... |
| N/A | 2025-04-24 | CVE-2025-29529 | cve | ITC Systems Multiplan/Matrix OneCard platform v3.7.4.1002 was discovered to contain a SQL injection vulnerability via the component Forgotpassword.aspx. |
| N/A | 2025-04-24 | CVE-2025-27820 | cve | A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team... |
| N/A | 2025-04-24 | CVE-2025-27581 | cve | NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 allows users who lack the InET role to access the InET module via direct requests to known end... |
| N/A | 2025-04-24 | CVE-2025-27580 | cve | NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 generates predictable tokens (that depend on username, time, and the fixed 7Dl9#dj- string) an... |
| N/A | 2025-04-24 | CVE-2025-26382 | cve | Under certain circumstances the iSTAR Configuration Utility (ICU) tool could have a buffer overflow issue |
| 6.4 | 2025-04-24 | CVE-2025-2579 | cve | The Lottie Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via File uploads in all versions up to, and including, 1.1.8 due to insufficient input saniti... |
| N/A | 2025-04-24 | CVE-2025-25777 | cve | Insecure Direct Object Reference (IDOR) in Codeastro Bus Ticket Booking System v1.0 allows unauthorized access to user profiles. By manipulating the user ID in the URL, an attac... |
| N/A | 2025-04-24 | CVE-2025-2558 | cve | The-wound WordPress theme through 0.0.1 does not validate some parameters before using them to generate paths passed to include function/s, allowing unauthenticated users to per... |
| 6.4 | 2025-04-24 | CVE-2025-2543 | cve | The Advanced Accordion Gutenberg Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.0.1 due to ... |
| 6.7 | 2025-04-24 | CVE-2025-1976 | cve | Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privile... |
| N/A | 2025-04-24 | CVE-2025-1908 | cve | An issue has been discovered in GitLab EE/CE that could allow an attacker to track users' browsing activities, potentially leading to full account take-over, affecting all ... |
| N/A | 2025-04-24 | CVE-2025-1453 | cve | The Category Posts Widget WordPress plugin before 4.9.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Store... |
| 7.2 | 2025-04-24 | CVE-2025-1294 | cve | The eForm - WordPress Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.18.0 due to insufficient input sanit... |
| 4.3 | 2025-04-24 | CVE-2025-1284 | cve | The Woocommerce Automatic Order Printing | ( Formerly WooCommerce Google Cloud Print) plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up t... |
| N/A | 2025-04-24 | CVE-2025-0639 | cve | An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 bef... |
| N/A | 2025-04-24 | CVE-2024-30148 | cve | Improper access control of endpoint in HCL Leap allows certain admin users to import applications from the server's filesystem. |
| N/A | 2025-04-24 | CVE-2024-30147 | cve | Multiple vectors in HCL Leap allow client-side script injection in the authoring environment and deployed applications. |
| N/A | 2025-04-24 | CVE-2024-30127 | cve | Missing "no cache" headers in HCL Leap permits sensitive data to be cached. |
| N/A | 2025-04-24 | CVE-2024-30114 | cve | Insufficient sanitization in HCL Leap allows client-side script injection in the authoring environment. |
| Page(s) : 1 ... 392 393 394 395 396 397 398 399 400 401 [402] 403 404 405 406 407 408 409 410 411 412 ... | Result(s) : 299257 |
