| Page(s) : 1 ... 536 537 538 539 540 541 542 543 544 545 [546] 547 548 549 550 551 552 553 554 555 556 ... | Result(s) : 325302 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.5 | 2025-04-08 | CVE-2025-20934 | cve | Improper access control in Sticker Center prior to SMR Apr-2025 Release 1 allows local attackers to access image files with system privilege. |
| 9.1 | 2025-04-08 | CVE-2025-2004 | cve | The Simple WP Events plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wpe_delete_file AJAX action in all versions up... |
| 8.8 | 2025-04-08 | CVE-2025-1095 | cve | IBM Personal Communications v14 and v15 include a Windows service that is vulnerable to local privilege escalation (LPE). The vulnerability allows any interactively logged in us... |
| N/A | 2025-04-08 | CVE-2025-0361 | cve | During an annual penetration test conducted on behalf of Axis Communications, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed for unauthentica... |
| N/A | 2025-04-08 | CVE-2024-55354 | cve | Lucee before 5.4.7.3 LTS and 6 before 6.1.1.118, when an attacker can place files on the server, is vulnerable to a protection mechanism failure that can let an attacker run cod... |
| 9.8 | 2025-04-08 | CVE-2024-54092 | cve | A vulnerability has been identified in Industrial Edge Device Kit - arm64 V1.17 (All versions), Industrial Edge Device Kit - arm64 V1.18 (All versions), Industrial Edge Device K... |
| N/A | 2025-04-08 | CVE-2024-54025 | cve | An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiIsolator CLI before version 2.4.6... |
| N/A | 2025-04-08 | CVE-2024-54024 | cve | An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiIsolator before version 2.4.6 all... |
| N/A | 2025-04-08 | CVE-2024-52981 | cve | An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection objects could cause a stackoverflow. |
| N/A | 2025-04-08 | CVE-2024-52980 | cve | A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to c... |
| N/A | 2025-04-08 | CVE-2024-52974 | cve | An issue has been identified where a specially crafted request sent to an Observability API could cause the kibana server to crash. A successful attack requires a malicious use... |
| N/A | 2025-04-08 | CVE-2024-52962 | cve | AnĀ Improper Output Neutralization for Logs vulnerability [CWE-117] in FortiAnalyzer version 7.6.1 and below, version 7.4.5 and below, version 7.2.8 and below, version 7.0.13 and... |
| N/A | 2025-04-08 | CVE-2024-50565 | cve | A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through... |
| N/A | 2025-04-08 | CVE-2024-48887 | cve | A unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin passwords via a specially crafted request |
| N/A | 2025-04-08 | CVE-2024-47261 | cve | 51l3nc3, a member of the AXIS OS Bug Bounty Program, has found that the VAPIX API uploadoverlayimage.cgi did not have sufficient input validation to allow an attacker to upload ... |
| N/A | 2025-04-08 | CVE-2024-46671 | cve | An Incorrect User Management vulnerability [CWE-286] in FortiWeb version 7.6.2 and below, version 7.4.6 and below, version 7.2.10 and below, version 7.0.11 and below widgets das... |
| 6.5 | 2025-04-08 | CVE-2024-41796 | cve | A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices allows to change the login password without knowing... |
| 6.5 | 2025-04-08 | CVE-2024-41795 | cve | A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices is vulnerable to Cross-Site Request Forgery (CSRF) ... |
| 10 | 2025-04-08 | CVE-2024-41794 | cve | A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). Affected devices contain hardcoded credentials for remote access to the device operating ... |
| 8.6 | 2025-04-08 | CVE-2024-41793 | cve | A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices provides an endpoint that allows to enable the ssh ... |
| Page(s) : 1 ... 536 537 538 539 540 541 542 543 544 545 [546] 547 548 549 550 551 552 553 554 555 556 ... | Result(s) : 325302 |
