| Page(s) : 1 ... 436 437 438 439 440 441 442 443 444 445 [446] 447 448 449 450 451 452 453 454 455 456 ... | Result(s) : 325200 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.4 | 2025-04-18 | CVE-2025-3056 | cve | The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.3.12 due to insufficient inpu... |
| 6.8 | 2025-04-18 | CVE-2025-30357 | cve | NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, if a malicious user is leaving spam comments on many topics then... |
| 7.1 | 2025-04-18 | CVE-2025-30158 | cve | NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the forum allows users to post iframe elements inside forum topi... |
| N/A | 2025-04-18 | CVE-2025-29953 | cve | Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing conn... |
| 7.5 | 2025-04-18 | CVE-2025-29784 | cve | NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the s parameter in GET requests for forum search functionality l... |
| N/A | 2025-04-18 | CVE-2025-29625 | cve | A buffer overflow vulnerability in Astrolog v7.70 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via an overly long environment variable passed to... |
| N/A | 2025-04-18 | CVE-2025-29513 | cve | Cross-Site Scripting (XSS) vulnerability in NodeBB v4.0.4 and before allows remote attackers to store arbitrary code in the admin API Access token generator. |
| N/A | 2025-04-18 | CVE-2025-29512 | cve | Cross-Site Scripting (XSS) vulnerability in NodeBB v4.0.4 and before allows remote attackers to store arbitrary code and potentially render the blacklist IP functionality unusab... |
| 5.4 | 2025-04-18 | CVE-2025-2950 | cve | IBM i 7.3, 7.4, 7.5, and 7.5 is vulnerable to a host header injection attack caused by improper neutralization of HTTP header content by IBM Navigator for i. An authenticated us... |
| N/A | 2025-04-18 | CVE-2025-29209 | cve | TOTOLINK X18 v9.1.0cu.2024_B20220329 has an unauthorized arbitrary command execution in the enable parameter' of the sub_41105C function of cstecgi .cgi. |
| N/A | 2025-04-18 | CVE-2025-29058 | cve | An issue in Qimou CMS v.3.34.0 allows a remote attacker to execute arbitrary code via the upgrade.php component. |
| N/A | 2025-04-18 | CVE-2025-28355 | cve | Volmarg Personal Management System 1.4.65 is vulnerable to Cross Site Request Forgery (CSRF) allowing attackers to execute arbitrary code and obtain sensitive information via th... |
| N/A | 2025-04-18 | CVE-2025-28242 | cve | Improper session management in the /login_ok.htm endpoint of DAEnetIP4 METO v1.25 allows attackers to execute a session hijacking attack. |
| N/A | 2025-04-18 | CVE-2025-28238 | cve | Improper session management in Elber REBLE310 Firmware v5.5.1.R , Equipment Model: REBLE310/RX10/4ASI allows attackers to execute a session hijacking attack. |
| N/A | 2025-04-18 | CVE-2025-28237 | cve | An issue in WorldCast Systems ECRESO FM/DAB/TV Transmitter v1.10.1 allows authenticated attackers to escalate privileges via a crafted JSON payload. |
| N/A | 2025-04-18 | CVE-2025-28236 | cve | Nautel VX Series transmitters VX SW v6.4.0 and below was discovered to contain a remote code execution (RCE) vulnerability in the firmware update process. This vulnerability all... |
| N/A | 2025-04-18 | CVE-2025-28235 | cve | An information disclosure vulnerability in the component /socket.io/1/websocket/ of Soundcraft Ui Series Model(s) Ui12 and Ui16 Firmware v1.0.7x and v1.0.5x allows attackers to ... |
| N/A | 2025-04-18 | CVE-2025-28233 | cve | Incorrect access control in BW Broadcast TX600 (14980), TX300 (32990) (31448), TX150, TX1000, TX30, and TX50 Hardware Version: 2, Software Version: 1.6.0, Control Version: 1.0, ... |
| N/A | 2025-04-18 | CVE-2025-28232 | cve | Incorrect access control in the HOME.php endpoint of JMBroadcast JMB0150 Firmware v1.0 allows attackers to access the Admin panel without authentication. |
| N/A | 2025-04-18 | CVE-2025-28231 | cve | Incorrect access control in Itel Electronics IP Stream v1.7.0.6 allows unauthorized attackers to execute arbitrary commands with Administrator privileges. |
| Page(s) : 1 ... 436 437 438 439 440 441 442 443 444 445 [446] 447 448 449 450 451 452 453 454 455 456 ... | Result(s) : 325200 |
