| Page(s) : 1 ... 40 41 42 43 44 45 46 47 48 49 [50] 51 52 53 54 55 56 57 58 59 60 ... | Result(s) : 124967 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.4 | 2025-05-29 | CVE-2025-4583 | cve | The Smash Balloon Social Photo Feed – Easy Social Feeds Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-plugin` attribute in all versions ... |
| 6.4 | 2025-05-29 | CVE-2025-4670 | cve | The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's edd_receipt s... |
| 6.4 | 2025-05-29 | CVE-2025-5122 | cve | The Map Block Leaflet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 3.2.1 due to insufficient i... |
| 6.4 | 2025-05-29 | CVE-2025-5286 | cve | The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘additional_settings’ parameter in all versions up to, and including, 5.3.6 due t... |
| 6.1 | 2025-05-28 | CVE-2025-30087 | cve | Best Practical RT (Request Tracker) 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via injection of crafted parameters in a search URL. |
| 6.1 | 2025-05-28 | CVE-2025-31500 | cve | Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an Asset name. |
| 6.1 | 2025-05-28 | CVE-2025-31501 | cve | Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an RT permalink. |
| 4 | 2025-05-28 | CVE-2025-32803 | cve | In some cases, Kea log files or lease files may be world-readable. This issue affects Kea versions 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8. |
| 4.9 | 2025-05-28 | CVE-2025-27702 | cve | CVE-2025-27702 is a vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with administrative access to the console and who have ... |
| 6 | 2025-05-28 | CVE-2025-27703 | cve | CVE-2025-27703 is a privilege escalation vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with administrative access to a sp... |
| 6.1 | 2025-05-28 | CVE-2025-32802 | cve | Kea configuration and API directives can be used to overwrite arbitrary files, subject to permissions granted to Kea. Many common configurations run Kea as root, leave the API ... |
| 6.4 | 2025-05-28 | CVE-2025-4963 | cve | The WP Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.0.15 due to insufficient input san... |
| 6.6 | 2025-05-28 | CVE-2025-5297 | cve | A vulnerability, which was classified as critical, has been found in SourceCodester Computer Store System 1.0. This issue affects the function Add of the file main.c. The manipu... |
| 4.3 | 2025-05-28 | CVE-2024-54020 | cve | A missing authorization in Fortinet FortiManager versions 7.2.0 through 7.2.1, and versions 7.0.0 through 7.0.7 may allow an authenticated attacker to overwrite global threat fe... |
| 5.3 | 2025-05-28 | CVE-2025-47294 | cve | A integer overflow or wraparound in Fortinet FortiOS versions 7.2.0 through 7.2.7, versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the csfd da... |
| 6.1 | 2025-05-28 | CVE-2025-5082 | cve | The WP Attachments plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘attachment_id’ parameter in all versions up to, and including, 5.0.12 due to ins... |
| 5.3 | 2025-05-28 | CVE-2025-25025 | cve | IBM Security Guardium 12.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information co... |
| 4.3 | 2025-05-28 | CVE-2025-25026 | cve | IBM Security Guardium 12.0 could allow an authenticated user to obtain sensitive information due to an incorrect authentication check. |
| 6.5 | 2025-05-28 | CVE-2025-25029 | cve | IBM Security Guardium 12.0 could allow a privileged user to download any file on the system due to improper escaping of input. |
| 5.4 | 2025-05-27 | CVE-2024-45094 | cve | IBM DS8900F and DS8A00 Hardware Management Console (HMC) is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript ... |
| Page(s) : 1 ... 40 41 42 43 44 45 46 47 48 49 [50] 51 52 53 54 55 56 57 58 59 60 ... | Result(s) : 124967 |
