| Page(s) : 1 ... 460 461 462 463 464 465 466 467 468 469 [470] 471 472 473 474 475 476 477 478 479 480 ... | Result(s) : 299419 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-04-15 | CVE-2025-32102 | cve | CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows SSRF via the host and port parameters in a command=telnetSocket request to the /WebInterface/function/ URI. |
| 7.5 | 2025-04-15 | CVE-2025-32021 | cve | Weblate is a web based localization tool. Prior to version 5.11, when creating a new component from an existing component that has a source code repository URL specified in sett... |
| N/A | 2025-04-15 | CVE-2025-32012 | cve | Jellyfin is an open source self hosted media server. In versions 10.9.0 to before 10.10.7, the /System/Restart endpoint provides administrators the ability to restart their Jell... |
| N/A | 2025-04-15 | CVE-2025-31950 | cve | An unauthenticated attacker can obtain EV charger energy consumption information of other users. |
| N/A | 2025-04-15 | CVE-2025-31949 | cve | An authenticated attacker can obtain any plant name by knowing the plant ID. |
| N/A | 2025-04-15 | CVE-2025-31945 | cve | An unauthenticated attacker can obtain other users' charger information. |
| N/A | 2025-04-15 | CVE-2025-31941 | cve | An unauthenticated attacker can obtain a list of smart devices by knowing a valid username. |
| N/A | 2025-04-15 | CVE-2025-31933 | cve | An unauthenticated attacker can check the existence of usernames in the system by querying an API. |
| N/A | 2025-04-15 | CVE-2025-31654 | cve | An attacker can get information about the groups of the smart home devices for arbitrary users (i.e., "rooms"). |
| N/A | 2025-04-15 | CVE-2025-31499 | cve | Jellyfin is an open source self hosted media server. Versions before 10.10.7 are vulnerable to argument injection in FFmpeg. This can be leveraged to possibly achieve remote cod... |
| N/A | 2025-04-15 | CVE-2025-31497 | cve | TEIGarage is a webservice and RESTful service to transform, convert and validate various formats, focussing on the TEI format. The Document Conversion Service contains a critica... |
| 3.5 | 2025-04-15 | CVE-2025-31494 | cve | AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. The AutoGPT Platform's WebS... |
| N/A | 2025-04-15 | CVE-2025-31360 | cve | Unauthenticated attackers can trigger device actions associated with specific "scenes" of arbitrary users. |
| N/A | 2025-04-15 | CVE-2025-31357 | cve | An unauthenticated attacker can obtain a user's plant list by knowing the username. |
| N/A | 2025-04-15 | CVE-2025-31147 | cve | Unauthenticated attackers can query information about total energy consumed by EV chargers of arbitrary users. |
| N/A | 2025-04-15 | CVE-2025-31011 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ReichertBrothers SimplyRETS Real Estate IDX allows Reflected XSS.... |
| N/A | 2025-04-15 | CVE-2025-30985 | cve | Deserialization of Untrusted Data vulnerability in NotFound GNUCommerce allows Object Injection. This issue affects GNUCommerce: from n/a through 1.5.4. |
| N/A | 2025-04-15 | CVE-2025-30984 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound SEO Tools allows Reflected XSS. This issue affects SEO T... |
| N/A | 2025-04-15 | CVE-2025-30982 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zookatron MyBookProgress by Stormhill Media allows Stored XSS. Th... |
| N/A | 2025-04-15 | CVE-2025-30970 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Easy Contact allows Reflected XSS. This issue affects Ea... |
| Page(s) : 1 ... 460 461 462 463 464 465 466 467 468 469 [470] 471 472 473 474 475 476 477 478 479 480 ... | Result(s) : 299419 |
