| Page(s) : 1 ... 424 425 426 427 428 429 430 431 432 433 [434] 435 436 437 438 439 440 441 442 443 444 ... | Result(s) : 325197 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2025-04-22 | CVE-2025-3472 | cve | The Ocean Extra plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.4.6. This is due to the software allowing users to ex... |
| 5.4 | 2025-04-22 | CVE-2025-3458 | cve | The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ocean_gallery_id’ parameter in all versions up to, and including, 2.4.6 due to in... |
| 5.4 | 2025-04-22 | CVE-2025-3457 | cve | The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'oceanwp_icon' shortcode in all versions up to, and including, ... |
| N/A | 2025-04-22 | CVE-2025-3441 | cve | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| N/A | 2025-04-22 | CVE-2025-32965 | cve | xrpl.js is a JavaScript/TypeScript API for interacting with the XRP Ledger in Node.js and the browser. Versions 4.2.1, 4.2.2, 4.2.3, and 4.2.4 of xrpl.js were compromised and co... |
| N/A | 2025-04-22 | CVE-2025-32964 | cve | ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 00bebea, when enabling a conflicting extension, a restricted extension would be automatically... |
| N/A | 2025-04-22 | CVE-2025-32963 | cve | MinIO Operator STS is a native IAM Authentication for Kubernetes. Prior to version 7.1.0, if no audiences are provided for the `spec.audiences` field, the default will be of the... |
| N/A | 2025-04-22 | CVE-2025-32961 | cve | The Cuba JPA web API enables loading and saving any entities defined in the application data model by sending simple HTTP requests. Prior to version 1.1.1, the input parameter, ... |
| N/A | 2025-04-22 | CVE-2025-32960 | cve | The CUBA REST API add-on performs operations on data and entities. Prior to version 7.2.7, the input parameter, which consists of a file path and name, can be manipulated to ret... |
| N/A | 2025-04-22 | CVE-2025-32959 | cve | CUBA Platform is a high level framework for enterprise applications development. Prior to version 7.2.23, the local file storage implementation does not restrict the size of upl... |
| N/A | 2025-04-22 | CVE-2025-32952 | cve | Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, the local file storage implemen... |
| N/A | 2025-04-22 | CVE-2025-32951 | cve | Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, the input parameter, which cons... |
| N/A | 2025-04-22 | CVE-2025-32950 | cve | Jmix is a set of libraries and tools to speed up Spring Boot data-centric application development. In versions 1.0.0 to 1.6.1 and 2.0.0 to 2.3.4, attackers could manipulate the ... |
| 4.3 | 2025-04-22 | CVE-2025-32788 | cve | OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass ... |
| 4.6 | 2025-04-22 | CVE-2025-31328 | cve | SAP Learning Solution is vulnerable to Cross-Site Request Forgery (CSRF), allowing an attacker to trick authenticated user into sending unintended requests to the server. GET-ba... |
| 4.3 | 2025-04-22 | CVE-2025-31327 | cve | SAP Field Logistics Manage Logistics application OData meta-data property is vulnerable to data tampering, due to which certain fields could be externally modified by an attacke... |
| 3.8 | 2025-04-22 | CVE-2025-2987 | cve | IBM Maximo Asset Management 7.6.1.3 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, ... |
| N/A | 2025-04-22 | CVE-2025-29743 | cve | D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in /goform/delRouting. |
| N/A | 2025-04-22 | CVE-2025-29621 | cve | Francois Jacquet RosarioSIS v12.0.0 was discovered to contain a content spoofing vulnerability in the Theme configuration under the My Preferences module. This vulnerability all... |
| N/A | 2025-04-22 | CVE-2025-29547 | cve | In Rollback Rx Professional 12.8.0.0, the driver file shieldm.sys allows local users to cause a denial of service because of a null pointer dereference from IOCtl 0x96202000. |
| Page(s) : 1 ... 424 425 426 427 428 429 430 431 432 433 [434] 435 436 437 438 439 440 441 442 443 444 ... | Result(s) : 325197 |
