| Page(s) : 1 ... 462 463 464 465 466 467 468 469 470 471 [472] 473 474 475 476 477 478 479 480 481 482 ... | Result(s) : 299471 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-04-15 | CVE-2025-32782 | cve | Ash Authentication provides authentication for the Ash framework. The confirmation flow for account creation currently uses a GET request triggered by clicking a link sent via e... |
| N/A | 2025-04-15 | CVE-2025-32780 | cve | BleachBit cleans files to free disk space and to maintain privacy. BleachBit for Windows up to version 4.6.2 is vulnerable to a DLL Hijacking vulnerability. By placing a malicio... |
| N/A | 2025-04-15 | CVE-2025-32779 | cve | E.D.D.I (Enhanced Dialog Driven Interface) is a middleware to connect and manage LLM API bots. In versions before 5.5.0, an attacker with access to the `/backup/import` API endp... |
| N/A | 2025-04-15 | CVE-2025-32778 | cve | Web-Check is an all-in-one OSINT tool for analyzing any website. A command injection vulnerability exists in the screenshot API of the Web Check project (Lissy93/web-check). The... |
| N/A | 2025-04-15 | CVE-2025-32776 | cve | OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the `matrix_custo... |
| N/A | 2025-04-15 | CVE-2025-32445 | cve | Argo Events is an event-driven workflow automation framework for Kubernetes. A user with permission to create/modify EventSource and Sensor custom resources can gain privileged ... |
| N/A | 2025-04-15 | CVE-2025-32439 | cve | pleezer is a headless Deezer Connect player. Hook scripts in pleezer can be triggered by various events like track changes and playback state changes. In versions before 0.16.0,... |
| N/A | 2025-04-15 | CVE-2025-32438 | cve | make-initrd-ng is a tool for copying binaries and their dependencies. Local privilege escalation affecting all NixOS users. With systemd.shutdownRamfs.enable enabled (the defaul... |
| N/A | 2025-04-15 | CVE-2025-32435 | cve | Hydra is a Continuous Integration service for Nix based projects. Evaluation of untrusted non-flake nix code could potentially access secrets that are accessible by the hydra us... |
| N/A | 2025-04-15 | CVE-2025-32428 | cve | Jupyter Remote Desktop Proxy allows you to run a Linux Desktop on a JupyterHub. jupyter-remote-desktop-proxy was meant to rely on UNIX sockets readable only by the current user ... |
| N/A | 2025-04-15 | CVE-2025-32388 | cve | SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Prior to 2.20.6 , unsanitized search param names cause XSS vulnerability. You a... |
| N/A | 2025-04-15 | CVE-2025-32103 | cve | CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows directory traversal via the /WebInterface/function/ URI to read files accessible by SMB at UNC share pathname... |
| N/A | 2025-04-15 | CVE-2025-32102 | cve | CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows SSRF via the host and port parameters in a command=telnetSocket request to the /WebInterface/function/ URI. |
| 7.5 | 2025-04-15 | CVE-2025-32021 | cve | Weblate is a web based localization tool. Prior to version 5.11, when creating a new component from an existing component that has a source code repository URL specified in sett... |
| N/A | 2025-04-15 | CVE-2025-32012 | cve | Jellyfin is an open source self hosted media server. In versions 10.9.0 to before 10.10.7, the /System/Restart endpoint provides administrators the ability to restart their Jell... |
| N/A | 2025-04-15 | CVE-2025-31950 | cve | An unauthenticated attacker can obtain EV charger energy consumption information of other users. |
| N/A | 2025-04-15 | CVE-2025-31949 | cve | An authenticated attacker can obtain any plant name by knowing the plant ID. |
| N/A | 2025-04-15 | CVE-2025-31945 | cve | An unauthenticated attacker can obtain other users' charger information. |
| N/A | 2025-04-15 | CVE-2025-31941 | cve | An unauthenticated attacker can obtain a list of smart devices by knowing a valid username. |
| N/A | 2025-04-15 | CVE-2025-31933 | cve | An unauthenticated attacker can check the existence of usernames in the system by querying an API. |
| Page(s) : 1 ... 462 463 464 465 466 467 468 469 470 471 [472] 473 474 475 476 477 478 479 480 481 482 ... | Result(s) : 299471 |
