Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 467 468 469 470 471 472 473 474 475 476 [477] 478 479 480 481 482 483 484 485 486 487 ... Result(s) : 299471

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
N/A 2025-04-15 CVE-2025-29983 cve Dell Trusted Device, versions prior to 7.0.3.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with...
N/A 2025-04-15 CVE-2025-29817 cve Uncontrolled search path element in Power Automate allows an authorized attacker to disclose information over a network.
N/A 2025-04-15 CVE-2025-29705 cve code-gen
N/A 2025-04-15 CVE-2025-29471 cve Cross Site Scripting vulnerability in Nagios Log Server v.2024R1.3.1 allows a remote attacker to execute arbitrary code via a payload into the Email field.
N/A 2025-04-15 CVE-2025-29281 cve In PerfreeBlog version 4.0.11, regular users can exploit the arbitrary file upload vulnerability in the attach component to upload arbitrary files and execute code within them.
N/A 2025-04-15 CVE-2025-29280 cve Stored cross-site scripting vulnerability exists in PerfreeBlog v4.0.11 in the website name field of the backend system settings interface allows an attacker to insert and execu...
N/A 2025-04-15 CVE-2025-29213 cve A zip slip vulnerability in the component \service\migrate\MigrateForm.java of JEEWMS v3.7 allows attackers to execute arbitrary code via a crafted Zip file.
N/A 2025-04-15 CVE-2025-28399 cve An issue in Erick xmall v.1.1 and before allows a remote attacker to escalate privileges via the updateAddress method of the Address Controller class.
N/A 2025-04-15 CVE-2025-2830 cve By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forw...
N/A 2025-04-15 CVE-2025-28198 cve A SQL injection vulnerability in Hitout car sale 1.0 allows a remote attacker to obtain sensitive information via the orderBy parameter of the StoreController.java component.
N/A 2025-04-15 CVE-2025-28145 cve Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a command injection vulnerability via partition in /boafrm/formDiskFormat.
N/A 2025-04-15 CVE-2025-28144 cve Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a stack overflow vlunerability via peerPin parameter in the formWsc function.
N/A 2025-04-15 CVE-2025-28143 cve Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3_1.0.15 was discovered to contain a command injection vulnerability via the groupname at the /boafrm/formDiskCreateGroup.
N/A 2025-04-15 CVE-2025-28142 cve Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3_1.0.15 was discovered to contain a command injection vulnerability via the foldername in /boafrm/formDiskCreateShare.
N/A 2025-04-15 CVE-2025-28137 cve The TOTOLINK A810R V4.1.2cu.5182_B20201026 were found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.
N/A 2025-04-15 CVE-2025-28136 cve TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in the downloadFile.cgi.
N/A 2025-04-15 CVE-2025-28100 cve A SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a attacker to execute arbitrary code via not filtering the content correctly at the "operateOrder.php" id parameter.
N/A 2025-04-15 CVE-2025-27939 cve An attacker can change registered email addresses of other users and take over arbitrary accounts.
N/A 2025-04-15 CVE-2025-27938 cve Unauthenticated attackers can obtain restricted information about a user's smart device collections (i.e., "rooms").
N/A 2025-04-15 CVE-2025-27929 cve Unauthenticated attackers can retrieve full list of users associated with arbitrary accounts.
Page(s) : 1 ... 467 468 469 470 471 472 473 474 475 476 [477] 478 479 480 481 482 483 484 485 486 487 ... Result(s) : 299471