| Page(s) : 1 ... 37 38 39 40 41 42 43 44 45 46 [47] 48 49 50 51 52 53 54 55 56 57 ... | Result(s) : 114978 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 4.3 | 2025-05-14 | CVE-2025-4664 | cve | Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium securit... |
| 5.4 | 2025-05-14 | CVE-2025-4520 | cve | The Uncanny Automator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in versions up to, and... |
| 5.3 | 2025-05-14 | CVE-2025-3769 | cve | The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, ... |
| 4.4 | 2025-05-14 | CVE-2025-33104 | cve | IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alterin... |
| 5.3 | 2025-05-14 | CVE-2024-8988 | cve | The PeepSo Core: File Uploads plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.4.6.0 via the file_download REST API... |
| 5.5 | 2025-05-14 | CVE-2024-13940 | cve | The Ninja Forms Webhooks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.0.7 via the form webhook functionality. This m... |
| 6.1 | 2025-05-13 | CVE-2025-46721 | cve | nosurf is cross-site request forgery (CSRF) protection middleware for Go. A vulnerability in versions prior to 1.2.0 allows an attacker who controls content on the target site, ... |
| 4.3 | 2025-05-13 | CVE-2025-4339 | cve | The TheGem theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxApi() function in all versions up to, and includin... |
| 6.3 | 2025-05-13 | CVE-2025-43009 | cve | SAP Service Parts Management (SPM) does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on... |
| 5.8 | 2025-05-13 | CVE-2025-43008 | cve | Due to missing authorization check, an unauthorized user can view the files of other company. This might lead to disclosure of personal data of employees. There is no impact on ... |
| 6.3 | 2025-05-13 | CVE-2025-43007 | cve | SAP Service Parts Management (SPM) does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on... |
| 6.1 | 2025-05-13 | CVE-2025-43006 | cve | SAP Supplier Relationship Management (Master Data Management Catalogue) allows an unauthenticated attacker to execute malicious scripts in the application, potentially leading t... |
| 4.3 | 2025-05-13 | CVE-2025-43005 | cve | SAP GUI for Windows allows an unauthenticated attacker to exploit insecure obfuscation algorithms used by the GuiXT application to store user credentials. While this issue does ... |
| 5.3 | 2025-05-13 | CVE-2025-43004 | cve | Due to a security misconfiguration vulnerability, customers can develop Production Operator Dashboards (PODs) that enable outside users to access customer data when they access ... |
| 6.4 | 2025-05-13 | CVE-2025-43003 | cve | SAP S/4 HANA allows an authenticated attacker with user privileges to configure a field not intended for their access and create a custom UI layout displaying this field. On per... |
| 4.3 | 2025-05-13 | CVE-2025-43002 | cve | SAP S4CORE OData meta-data property allows an authenticated attacker to access restricted information due to missing authorization check. This could cause a low impact on confid... |
| 6.6 | 2025-05-13 | CVE-2025-42997 | cve | Under certain conditions, SAP Gateway Client allows a high-privileged user to access restricted information beyond the scope of the application. Due to the possibility of influe... |
| 4.4 | 2025-05-13 | CVE-2025-40583 | cve | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with SINEMA Remote Connect Edge Client installed). Affected devices do transmit sensit... |
| 4.3 | 2025-05-13 | CVE-2025-40578 | cve | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly handle multiple incoming Profinet packets received ... |
| 4.3 | 2025-05-13 | CVE-2025-40577 | cve | A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets. An unauthentic... |
| Page(s) : 1 ... 37 38 39 40 41 42 43 44 45 46 [47] 48 49 50 51 52 53 54 55 56 57 ... | Result(s) : 114978 |
