| Page(s) : 1 ... 458 459 460 461 462 463 464 465 466 467 [468] 469 470 471 472 473 474 475 476 477 478 ... | Result(s) : 299419 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 4.9 | 2025-04-15 | CVE-2025-3470 | cve | The TS Poll – Survey, Versus Poll, Image Poll, Video Poll plugin for WordPress is vulnerable to SQL Injection via the s parameter in all versions up to, and including, 2.4.6 due... |
| N/A | 2025-04-15 | CVE-2025-33028 | cve | In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerability because of an incomplete fix for CVE-2024-8811. This vulnerability allows attackers to bypass the Mark-of... |
| 7.8 | 2025-04-15 | CVE-2025-33027 | cve | In Bandisoft Bandizip through 7.37, there is a Mark-of-the-Web Bypass Vulnerability. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on af... |
| 7.8 | 2025-04-15 | CVE-2025-33026 | cve | In PeaZip through 10.4.0, there is a Mark-of-the-Web Bypass Vulnerability. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected ins... |
| N/A | 2025-04-15 | CVE-2025-32997 | cve | In http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, fixRequestBody proceeds even if bodyParser has failed. |
| N/A | 2025-04-15 | CVE-2025-32996 | cve | In http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because "else if" is not used. |
| N/A | 2025-04-15 | CVE-2025-32993 | cve | Vision Helpdesk through 5.7.0 allows Time-Based Blind SQL injection via the Forgot Password (aka index.php?/home/forgot-password) vis_username parameter. Authentication is not n... |
| N/A | 2025-04-15 | CVE-2025-32987 | cve | Arctera eDiscovery Platform before 10.3.2, when Enterprise Vault Collection Module is used, places a cleartext password on a command line in EVSearcher. |
| N/A | 2025-04-15 | CVE-2025-32949 | cve | This vulnerability allows any authenticated user to cause the server to consume very large amounts of disk space when extracting a Zip Bomb. If user import is enabled (which i... |
| N/A | 2025-04-15 | CVE-2025-32948 | cve | The vulnerability allows any attacker to cause the PeerTube server to stop functioning, or in special cases send requests to arbitrary URLs (Blind SSRF). Attackers can send Acti... |
| N/A | 2025-04-15 | CVE-2025-32947 | cve | This vulnerability allows any attacker to cause the PeerTube server to stop responding to requests due to an infinite loop in the "inbox" endpoint when receiving crafted Activit... |
| N/A | 2025-04-15 | CVE-2025-32946 | cve | This vulnerability allows any attacker to add playlists to a different user’s channel using the ActivityPub protocol. The vulnerable code sets the owner of the new playlist to b... |
| N/A | 2025-04-15 | CVE-2025-32945 | cve | The vulnerability allows an existing user to add playlists to a different user’s channel using the PeerTube REST API. The vulnerable code sets the owner of the new playlist to b... |
| N/A | 2025-04-15 | CVE-2025-32944 | cve | The vulnerability allows any authenticated user to cause the PeerTube server to stop functioning in a persistent manner. If user import is enabled (which is the default setting... |
| N/A | 2025-04-15 | CVE-2025-32943 | cve | The vulnerability allows any authenticated user to leak the contents of arbitrary “.m3u8” files from the PeerTube server due to a path traversal in the HLS endpoint. |
| N/A | 2025-04-15 | CVE-2025-32941 | cve | Rejected reason: Not used |
| N/A | 2025-04-15 | CVE-2025-32940 | cve | Rejected reason: Not used |
| N/A | 2025-04-15 | CVE-2025-32939 | cve | Rejected reason: Not used |
| N/A | 2025-04-15 | CVE-2025-32938 | cve | Rejected reason: Not used |
| N/A | 2025-04-15 | CVE-2025-32937 | cve | Rejected reason: Not used |
| Page(s) : 1 ... 458 459 460 461 462 463 464 465 466 467 [468] 469 470 471 472 473 474 475 476 477 478 ... | Result(s) : 299419 |
