| Page(s) : 1 ... 36 37 38 39 40 41 42 43 44 45 [46] 47 48 49 50 51 52 53 54 55 56 ... | Result(s) : 324174 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-06-12 | CVE-2025-49190 | cve | The application is vulnerable to Server-Side Request Forgery (SSRF). An endpoint can be used to send server internal requests to other ports. |
| N/A | 2025-06-12 | CVE-2025-49191 | cve | Linked URLs during the creation of iFrame widgets and dashboards are vulnerable to code execution. The URLs get embedded as iFrame widgets, making it possible to attack other us... |
| N/A | 2025-06-12 | CVE-2024-56158 | cve | XWiki is a generic wiki platform. It's possible to execute any SQL query in Oracle by using the function like DBMS_XMLGEN or DBMS_XMLQUERY. The XWiki query validator does n... |
| N/A | 2025-06-12 | CVE-2025-49192 | cve | The web application is vulnerable to clickjacking attacks. The site can be embedded into another frame, allowing an attacker to trick a user into clicking on something different... |
| N/A | 2025-06-12 | CVE-2025-49193 | cve | The application fails to implement several security headers. These headers help increase the overall security level of the web application by e.g., preventing the application to... |
| N/A | 2025-06-12 | CVE-2025-49194 | cve | The server supports authentication methods in which credentials are sent in plaintext over unencrypted channels. If an attacker were to intercept traffic between a client and th... |
| N/A | 2025-06-12 | CVE-2025-49195 | cve | The FTP server’s login mechanism does not restrict authentication attempts, allowing an attacker to brute-force user passwords and potentially compromising the FTP server. |
| N/A | 2025-06-12 | CVE-2025-49196 | cve | A service supports the use of a deprecated and unsafe TLS version. This could be exploited to expose sensitive information, modify data in unexpected ways or spoof identities of... |
| N/A | 2025-06-12 | CVE-2025-49197 | cve | The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account. |
| N/A | 2025-06-12 | CVE-2025-49198 | cve | The Media Server’s authorization tokens have a poor quality of randomness. An attacker may be able to guess the token of an active user by computing plausible tokens. |
| N/A | 2025-06-12 | CVE-2025-49199 | cve | The backup ZIPs are not signed by the application, leading to the possibility that an attacker can download a backup ZIP, modify and re-upload it. This allows the attacker to di... |
| N/A | 2025-06-12 | CVE-2025-49200 | cve | The created backup files are unencrypted, making the application vulnerable for gathering sensitive information by downloading and decompressing the backup files. |
| N/A | 2025-06-12 | CVE-2024-44905 | cve | go-pg pg v10.13.0 was discovered to contain a SQL injection vulnerability via the component /types/append_value.go. |
| N/A | 2025-06-12 | CVE-2024-44906 | cve | uptrace pgdriver v1.2.1 was discovered to contain a SQL injection vulnerability via the appendArg function in /pgdriver/format.go. |
| N/A | 2025-06-12 | CVE-2024-7562 | cve | A potential elevated privilege issue has been reported with InstallShield built Standalone MSI setups having multiple InstallScript custom actions configured. All supported vers... |
| N/A | 2025-06-12 | CVE-2025-29744 | cve | pg-promise before 11.5.5 is vulnerable to SQL Injection due to improper handling of negative numbers. |
| N/A | 2025-06-12 | CVE-2025-36573 | cve | Dell Smart Dock Firmware, versions prior to 01.00.08.01, contain an Insertion of Sensitive Information into Log File vulnerability. A user with local access could potentially ex... |
| N/A | 2025-06-12 | CVE-2025-46035 | cve | Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an... |
| N/A | 2025-06-12 | CVE-2025-49467 | cve | A SQL injection vulnerability in JEvents component before 3.6.88 and 3.6.82.1 for Joomla was discovered. The extension is vulnerable to SQL injection via publicly accessible act... |
| N/A | 2025-06-12 | CVE-2023-45256 | cve | Multiple SQL injection vulnerabilities in the EuroInformation MoneticoPaiement module before 1.1.1 for PrestaShop allow remote attackers to execute arbitrary SQL commands via th... |
| Page(s) : 1 ... 36 37 38 39 40 41 42 43 44 45 [46] 47 48 49 50 51 52 53 54 55 56 ... | Result(s) : 324174 |
