| Page(s) : 1 ... 533 534 535 536 537 538 539 540 541 542 [543] 544 545 546 547 548 549 550 551 552 553 ... | Result(s) : 325302 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 8.8 | 2025-04-08 | CVE-2025-2525 | cve | The Streamit theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'st_Authentication_Controller::edit_profile' functi... |
| N/A | 2025-04-08 | CVE-2025-25227 | cve | Insufficient state checks lead to a vector that allows to bypass 2FA checks. |
| N/A | 2025-04-08 | CVE-2025-25226 | cve | Improper handling of identifiers lead to a SQL injection vulnerability in the quoteNameStr method of the database package. Please note: the affected method is a protected method... |
| 6.5 | 2025-04-08 | CVE-2025-2519 | cve | The Sreamit theme for WordPress is vulnerable to arbitrary file downloads in all versions up to, and including, 4.0.1. This is due to insufficient file validation in the 's... |
| N/A | 2025-04-08 | CVE-2025-25013 | cve | Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive information such as API keys and tokens via automatic transmission of unfiltere... |
| 6.8 | 2025-04-08 | CVE-2025-25002 | cve | Insertion of sensitive information into log file in Azure Local Cluster allows an authorized attacker to disclose information over an adjacent network. |
| 9.1 | 2025-04-08 | CVE-2025-24447 | cve | ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the c... |
| 9.1 | 2025-04-08 | CVE-2025-24446 | cve | ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution. Exploitation o... |
| N/A | 2025-04-08 | CVE-2025-24074 | cve | Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| N/A | 2025-04-08 | CVE-2025-24073 | cve | Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| N/A | 2025-04-08 | CVE-2025-24062 | cve | Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| N/A | 2025-04-08 | CVE-2025-24060 | cve | Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| N/A | 2025-04-08 | CVE-2025-24058 | cve | Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. |
| 8.5 | 2025-04-08 | CVE-2025-23186 | cve | In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can... |
| N/A | 2025-04-08 | CVE-2025-2293 | cve | A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. The flaw is a res... |
| N/A | 2025-04-08 | CVE-2025-2288 | cve | A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. The flaw is a res... |
| N/A | 2025-04-08 | CVE-2025-22871 | cve | The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjun... |
| N/A | 2025-04-08 | CVE-2025-2287 | cve | A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. ... |
| N/A | 2025-04-08 | CVE-2025-2286 | cve | A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. ... |
| N/A | 2025-04-08 | CVE-2025-22855 | cve | An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Fortinet FortiClient before 7.4.1 may allow the EMS a... |
| Page(s) : 1 ... 533 534 535 536 537 538 539 540 541 542 [543] 544 545 546 547 548 549 550 551 552 553 ... | Result(s) : 325302 |
