| Page(s) : 1 ... 550 551 552 553 554 555 556 557 558 559 [560] 561 562 563 564 565 566 567 568 569 570 ... | Result(s) : 325338 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 4.3 | 2025-04-05 | CVE-2025-32357 | cve | In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions was able to use the Zammad API to fetch knowledge base content that they have no permission ... |
| N/A | 2025-04-05 | CVE-2025-32352 | cve | A type confusion vulnerability in lib/NSSAuthenticator.php in ZendTo before v5.04-7 allows remote attackers to bypass authentication for users with passwords stored as MD5 hashe... |
| N/A | 2025-04-05 | CVE-2025-30401 | cve | A spoofing issue in WhatsApp for Windows prior to version 2.2450.6 displayed attachments according to their MIME type but selected the file opening handler based on the attachme... |
| 9.8 | 2025-04-05 | CVE-2025-2941 | cve | The Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation via the wc-upload-fil... |
| 8.8 | 2025-04-05 | CVE-2025-2933 | cve | The Email Notifications for Updates plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability che... |
| 6.4 | 2025-04-05 | CVE-2025-2889 | cve | The Link Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Link Additional Parameters in all versions up to, and including, 7.7.3 due to insuffic... |
| 6.5 | 2025-04-05 | CVE-2025-2789 | cve | The MultiVendorX – Empower Your WooCommerce Store with a Dynamic Multivendor Marketplace – Build the Next Amazon, eBay, Etsy plugin for WordPress is vulnerable to unauthorized l... |
| 6.4 | 2025-04-05 | CVE-2025-2544 | cve | The AI Content Pipelines plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6 due to insufficient inp... |
| 5.5 | 2025-04-05 | CVE-2025-1500 | cve | IBM Maximo Application Suite 9.0 could allow an authenticated user to upload a file with dangerous types that could be executed by another user if opened. |
| 4.3 | 2025-04-05 | CVE-2025-1233 | cve | The Lafka Plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'lafka_options_upload' AJAX function in all versions up to... |
| 5.4 | 2025-04-05 | CVE-2025-0839 | cve | The ZoomSounds plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 6.91 due to insufficient input sanitization and... |
| 7.5 | 2025-04-05 | CVE-2025-0810 | cve | The Read More & Accordion plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.5. This is due to missing or incorrect nonce... |
| N/A | 2025-04-05 | CVE-2024-58036 | cve | Net::Dropbox::API 1.9 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specif... |
| N/A | 2025-04-05 | CVE-2024-57868 | cve | Web::API 2.8 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically We... |
| N/A | 2025-04-05 | CVE-2024-57835 | cve | Amon2::Auth::Site::LINE uses the String::Random module to generate nonce values. String::Random defaults to Perl's built-in predictable random number generator, the rand(... |
| N/A | 2025-04-05 | CVE-2024-56370 | cve | Net::Xero 0.044 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically... |
| N/A | 2025-04-05 | CVE-2024-52322 | cve | WebService::Xero 0.11 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specif... |
| 8.1 | 2025-04-05 | CVE-2024-13776 | cve | The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to a ... |
| 7.5 | 2025-04-05 | CVE-2024-13604 | cve | The KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and... |
| N/A | 2025-04-05 | CVE-2021-47667 | cve | An OS command injection vulnerability in lib/NSSDropoff.php in ZendTo 5.24-3 through 6.x before 6.10-7 allows unauthenticated remote attackers to execute arbitrary commands via ... |
| Page(s) : 1 ... 550 551 552 553 554 555 556 557 558 559 [560] 561 562 563 564 565 566 567 568 569 570 ... | Result(s) : 325338 |
