| Page(s) : 1 ... 423 424 425 426 427 428 429 430 431 432 [433] 434 435 436 437 438 439 440 441 442 443 ... | Result(s) : 325197 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-04-22 | CVE-2025-43952 | cve | A cross-site scripting (reflected XSS) vulnerability was found in Mettler Toledo FreeWeight.Net Web Reports Viewer 8.4.0 (440). It allows an attacker to inject malicious scripts... |
| N/A | 2025-04-22 | CVE-2025-43951 | cve | LabVantage before LV 8.8.0.13 HF6 allows local file inclusion. Authenticated users can retrieve arbitrary files from the environment via the objectname request parameter. |
| N/A | 2025-04-22 | CVE-2025-43950 | cve | DPMAdirektPro 4.1.5 is vulnerable to DLL Hijacking. It happens by placing a malicious DLL in a directory (in the absence of a legitimate DLL), which is then loaded by the applic... |
| N/A | 2025-04-22 | CVE-2025-43949 | cve | MuM (aka Mensch und Maschine) MapEdit (aka mapedit-web) 24.2.3 is vulnerable to SQL Injection that allows an attacker to execute malicious SQL statements that control a web appl... |
| N/A | 2025-04-22 | CVE-2025-43948 | cve | Codemers KLIMS 1.6.DEV allows Python code injection. A user can provide Python code as an input value for a parameter or qualifier (such as for sorting), which will get executed... |
| N/A | 2025-04-22 | CVE-2025-43947 | cve | Codemers KLIMS 1.6.DEV lacks a proper access control mechanism, allowing a normal KLIMS user to perform all the actions that an admin can perform, such as modifying the configur... |
| N/A | 2025-04-22 | CVE-2025-43946 | cve | TCPWave DDI 11.34P1C2 allows Remote Code Execution via Unrestricted File Upload (combined with Path Traversal). |
| 6.3 | 2025-04-22 | CVE-2025-3856 | cve | A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has been classified as critical. This affects the function searchByPage of the file /book/searchByPage. The manipulatio... |
| 4.3 | 2025-04-22 | CVE-2025-3855 | cve | A vulnerability was found in CodeCanyon RISE Ultimate Project Manager 3.8.2 and classified as problematic. Affected by this issue is some unknown functionality of the file /inde... |
| 8 | 2025-04-22 | CVE-2025-3854 | cve | A vulnerability, which was classified as critical, was found in H3C GR-3000AX up to V100R006. Affected is the function EnableIpv6/UpdateWanModeMulti/UpdateIpv6Params/EditWlanMac... |
| 3.7 | 2025-04-22 | CVE-2025-3850 | cve | A vulnerability, which was classified as problematic, has been found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This issue affects some unknown processing of the component API. T... |
| 4.3 | 2025-04-22 | CVE-2025-3849 | cve | A vulnerability classified as problematic was found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This vulnerability affects unknown code of the file /api/studentPWD. The manipulati... |
| 6.4 | 2025-04-22 | CVE-2025-3814 | cve | The Tax Switch for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class-name’ parameter in all versions up to, and including, 1.4.2 due t... |
| N/A | 2025-04-22 | CVE-2025-3767 | cve | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon BAM (Boolean KPi Listing modules) allows SQL Injection. ... |
| N/A | 2025-04-22 | CVE-2025-37088 | cve | A security vulnerability has been identified in HPE Cray Data Virtualization Service (DVS). Depending on race conditions and configuration, this vulnerability may lead to local/... |
| N/A | 2025-04-22 | CVE-2025-37087 | cve | A vulnerability in the cmdb service of the HPE Performance Cluster Manager (HPCM) could allow an attacker to gain access to an arbitrary file on the server host. |
| 8.8 | 2025-04-22 | CVE-2025-3616 | cve | The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the gspb_make_proxy_api_re... |
| N/A | 2025-04-22 | CVE-2025-3577 | cve | **UNSUPPORTED WHEN ASSIGNED** A path traversal vulnerability in the web management interface of the Zyxel AMG1302-T10B firmware version 2.00(AAJC.16)C0 could allow an authentica... |
| N/A | 2025-04-22 | CVE-2025-3519 | cve | An authorization bypass in Unblu Spark allows a participant of a conversation to replace an existing, uploaded file. Every uploaded file in Unblu gets assigned with a randomly ... |
| 4.3 | 2025-04-22 | CVE-2025-3518 | cve | It technically possible for a user to upload a file to a conversation despite the file upload functionality being disabled. The file upload functionality can be enabled or disa... |
| Page(s) : 1 ... 423 424 425 426 427 428 429 430 431 432 [433] 434 435 436 437 438 439 440 441 442 443 ... | Result(s) : 325197 |
