| Page(s) : 1 ... 34 35 36 37 38 39 40 41 42 43 [44] 45 46 47 48 49 50 51 52 53 54 ... | Result(s) : 298109 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-06-10 | CVE-2025-49454 | cve | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in LoftOcean TinySalt allows PHP Local File Inclu... |
| N/A | 2025-06-10 | CVE-2025-49455 | cve | Deserialization of Untrusted Data vulnerability in LoftOcean TinySalt allows Object Injection.This issue affects TinySalt: from n/a before 3.10.0. |
| N/A | 2025-06-10 | CVE-2025-49507 | cve | Deserialization of Untrusted Data vulnerability in LoftOcean CozyStay allows Object Injection.This issue affects CozyStay: from n/a before 1.7.1. |
| N/A | 2025-06-10 | CVE-2025-49509 | cve | Missing Authorization vulnerability in Roland Beaussant Audio Editor & Recorder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Audio ... |
| N/A | 2025-06-10 | CVE-2025-49510 | cve | Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Min Max Step Quantity Limits Manager for WooCommerce allows Cross Site Request Forgery.This issue affects Min Max St... |
| N/A | 2025-06-10 | CVE-2025-49511 | cve | Cross-Site Request Forgery (CSRF) vulnerability in uxper Civi Framework allows Cross Site Request Forgery.This issue affects Civi Framework: from n/a through 2.1.6. |
| 6.4 | 2025-06-10 | CVE-2025-3076 | cve | The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘button_text’ parameter in all versions up to, and including, 3.29.0 ... |
| 5.3 | 2025-06-10 | CVE-2025-5935 | cve | A vulnerability was found in Open5GS up to 2.7.3. It has been declared as problematic. Affected by this vulnerability is the function common_register_state of the file src/mme/e... |
| N/A | 2025-06-10 | CVE-2025-5952 | cve | A vulnerability, which was classified as critical, has been found in Zend.To up to 6.10-6 Beta. This issue affects the function exec of the file NSSDropoff.php. The manipulation... |
| N/A | 2025-06-10 | CVE-2025-1041 | cve | An improper input validation discovered in Avaya Call Management System could allow an unauthorized remote command via a specially crafted web request. Affected versions inc... |
| N/A | 2025-06-10 | CVE-2025-4840 | cve | The inprosysmedia-likes-dislikes-post WordPress plugin through 1.0.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action avai... |
| N/A | 2025-06-10 | CVE-2025-4954 | cve | The Axle Demo Importer WordPress plugin through 1.0.3 does not validate files to be uploaded, which could allow authenticated users (author and above) to upload arbitrary files ... |
| N/A | 2025-06-10 | CVE-2025-27817 | cve | A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER... |
| N/A | 2025-06-10 | CVE-2025-27818 | cve | A possible security vulnerability has been identified in Apache Kafka. This requires access to a alterConfig to the cluster resource, or Kafka Connect worker, and the ability to... |
| N/A | 2025-06-10 | CVE-2025-27819 | cve | In CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration in Kafka Connect API. But not only Kafka Connect API is vulnerable t... |
| N/A | 2025-06-10 | CVE-2025-5945 | cve | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| N/A | 2025-06-10 | CVE-2025-3112 | cve | CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause Denial of Service when an authenticated malicious user sends manipulated HTTPS Content-Length he... |
| N/A | 2025-06-10 | CVE-2025-3116 | cve | CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends special malformed HTTPS request containing i... |
| N/A | 2025-06-10 | CVE-2025-3117 | cve | CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists impacting configuration file paths that could cause a... |
| N/A | 2025-06-10 | CVE-2025-3898 | cve | CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends HTTPS request containing invalid data type t... |
| Page(s) : 1 ... 34 35 36 37 38 39 40 41 42 43 [44] 45 46 47 48 49 50 51 52 53 54 ... | Result(s) : 298109 |
