| Page(s) : 1 ... 555 556 557 558 559 560 561 562 563 564 [565] 566 567 568 569 570 571 572 573 574 575 ... | Result(s) : 299754 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-04-04 | CVE-2025-28146 | cve | Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a command injection vulnerability via fota_url in /boafrm/formLtefotaUpgradeQuectel |
| N/A | 2025-04-04 | CVE-2025-2798 | cve | The Woffice CRM theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 5.4.21. This is due to a misconfiguration of excluded roles duri... |
| N/A | 2025-04-04 | CVE-2025-2797 | cve | The Woffice Core plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.4.21. This is due to missing or incorrect nonce validat... |
| 8.8 | 2025-04-04 | CVE-2025-2780 | cve | The Woffice Core plugin for WordPress, used by the Woffice Theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'saveFeaturedImage'... |
| N/A | 2025-04-04 | CVE-2025-27520 | cve | BentoML is a Python library for building online serving systems optimized for AI apps and model inference. A Remote Code Execution (RCE) vulnerability caused by insecure deseria... |
| N/A | 2025-04-04 | CVE-2025-26401 | cve | Weak encoding for password vulnerability exists in HMI ViewJet C-more series. If this vulnerability is exploited, authentication information may be obtained by a local authentic... |
| N/A | 2025-04-04 | CVE-2025-25178 | cve | Software installed and run as a non-privileged user may conduct improper GPU system calls to cause kernel system memory corruption. |
| N/A | 2025-04-04 | CVE-2025-25061 | cve | Unintended proxy or intermediary ('Confused Deputy') issue exists in HMI ViewJet C-more series and HMI GC-A2 series, which may allow a remote unauthenticated attacker ... |
| 4.3 | 2025-04-04 | CVE-2025-25001 | cve | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoo... |
| N/A | 2025-04-04 | CVE-2025-25000 | cve | Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. |
| N/A | 2025-04-04 | CVE-2025-24317 | cve | Allocation of resources without limits or throttling issue exists in HMI ViewJet C-more series and HMI GC-A2 series, which may allow a remote unauthenticated attacker to cause a... |
| N/A | 2025-04-04 | CVE-2025-24310 | cve | Improper restriction of rendered UI layers or frames issue exists in HMI ViewJet C-more series, which may allow a remote unauthenticated attacker to trick the product user to pe... |
| 7.5 | 2025-04-04 | CVE-2025-2317 | cve | The Product Filter by WBW plugin for WordPress is vulnerable to time-based SQL Injection via the filtersDataBackend parameter in all versions up to, and including, 2.7.9 due to ... |
| N/A | 2025-04-04 | CVE-2025-2279 | cve | The Maps WordPress plugin through 1.0.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, w... |
| 8.1 | 2025-04-04 | CVE-2025-2270 | cve | The Countdown, Coming Soon, Maintenance – Countdown & Clock plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.9.1 via the crea... |
| N/A | 2025-04-04 | CVE-2025-2245 | cve | A server-side request forgery (SSRF) vulnerability exists in the Bitdefender GravityZone Update Server when operating in Relay Mode. The HTTP proxy component on port 7074 uses a... |
| N/A | 2025-04-04 | CVE-2025-2244 | cve | A vulnerability in the sendMailFromRemoteSource method in Emails.php as used in Bitdefender GravityZone Console unsafely uses php unserialize() on user-supplied input without v... |
| N/A | 2025-04-04 | CVE-2025-2243 | cve | A server-side request forgery (SSRF) vulnerability in Bitdefender GravityZone Console allows an attacker to bypass input validation logic using leading characters in DNS request... |
| N/A | 2025-04-04 | CVE-2025-22285 | cve | Missing Authorization vulnerability in Eniture Technology Pallet Packaging for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue aff... |
| N/A | 2025-04-04 | CVE-2025-22282 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EPC ez Form Calculator - WordPress plugin allows Reflected XSS.Th... |
| Page(s) : 1 ... 555 556 557 558 559 560 561 562 563 564 [565] 566 567 568 569 570 571 572 573 574 575 ... | Result(s) : 299754 |
