| Page(s) : 1 ... 543 544 545 546 547 548 549 550 551 552 [553] 554 555 556 557 558 559 560 561 562 563 ... | Result(s) : 299746 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.5 | 2025-04-05 | CVE-2025-3303 | cve | A vulnerability, which was classified as critical, has been found in code-projects Patient Record Management System 1.0. Affected by this issue is some unknown functionality of ... |
| N/A | 2025-04-05 | CVE-2025-3299 | cve | A vulnerability was found in PHPGurukul Men Salon Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /appointment... |
| N/A | 2025-04-05 | CVE-2025-3298 | cve | A vulnerability has been found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /o... |
| N/A | 2025-04-05 | CVE-2025-3297 | cve | A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 1.0. Affected is an unknown function of the file /classes/Master.php?f=save... |
| N/A | 2025-04-05 | CVE-2025-3296 | cve | A vulnerability, which was classified as critical, has been found in SourceCodester Online Eyewear Shop 1.0. This issue affects some unknown processing of the file /classes/User... |
| N/A | 2025-04-05 | CVE-2025-32366 | cve | In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen) and memcpy(response+offset,*end,*rdlen) w... |
| N/A | 2025-04-05 | CVE-2025-32365 | cve | Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check. |
| N/A | 2025-04-05 | CVE-2025-32364 | cve | A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN. |
| 8.1 | 2025-04-05 | CVE-2025-32360 | cve | In Zammad 6.4.x before 6.4.2, there is information exposure. Only agents should be able to see and work on shared article drafts. However, a logged in customer was able to see d... |
| 8.8 | 2025-04-05 | CVE-2025-32359 | cve | In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. When changing their two factor authentication configuration, users need to re-authenticat... |
| 4.1 | 2025-04-05 | CVE-2025-32358 | cve | In Zammad 6.4.x before 6.4.2, SSRF can occur. Authenticated admin users can enable webhooks in Zammad, which are triggered as POST requests when certain conditions are met. If a... |
| 4.3 | 2025-04-05 | CVE-2025-32357 | cve | In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions was able to use the Zammad API to fetch knowledge base content that they have no permission ... |
| N/A | 2025-04-05 | CVE-2025-32352 | cve | A type confusion vulnerability in lib/NSSAuthenticator.php in ZendTo before v5.04-7 allows remote attackers to bypass authentication for users with passwords stored as MD5 hashe... |
| N/A | 2025-04-05 | CVE-2025-30401 | cve | A spoofing issue in WhatsApp for Windows prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachme... |
| 9.8 | 2025-04-05 | CVE-2025-2941 | cve | The Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation via the wc-upload-fil... |
| 8.8 | 2025-04-05 | CVE-2025-2933 | cve | The Email Notifications for Updates plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability che... |
| 6.4 | 2025-04-05 | CVE-2025-2889 | cve | The Link Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Link Additional Parameters in all versions up to, and including, 7.7.3 due to insuffic... |
| 6.5 | 2025-04-05 | CVE-2025-2789 | cve | The MultiVendorX – Empower Your WooCommerce Store with a Dynamic Multivendor Marketplace – Build the Next Amazon, eBay, Etsy plugin for WordPress is vulnerable to unauthorized l... |
| 6.4 | 2025-04-05 | CVE-2025-2544 | cve | The AI Content Pipelines plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6 due to insufficient inp... |
| 5.5 | 2025-04-05 | CVE-2025-1500 | cve | IBM Maximo Application Suite 9.0 could allow an authenticated user to upload a file with dangerous types that could be executed by another user if opened. |
| Page(s) : 1 ... 543 544 545 546 547 548 549 550 551 552 [553] 554 555 556 557 558 559 560 561 562 563 ... | Result(s) : 299746 |
