| Page(s) : 1 ... 648 649 650 651 652 653 654 655 656 657 [658] 659 660 661 662 663 664 665 666 667 668 ... | Result(s) : 299846 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-26 | CVE-2025-30164 | cve | Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 vulnerability allows an at... |
| N/A | 2025-03-26 | CVE-2025-30217 | cve | Frappe is a full-stack web application framework. Prior to versions 14.93.2 and 15.55.0, a SQL Injection vulnerability has been identified in Frappe Framework which could allow ... |
| N/A | 2025-03-26 | CVE-2025-30225 | cve | Directus is a real-time API and App dashboard for managing SQL database content. The `@directus/storage-driver-s3` package starting in version 9.22.0 and prior to version 12.0.1... |
| N/A | 2025-03-26 | CVE-2025-30350 | cve | Directus is a real-time API and App dashboard for managing SQL database content. The `@directus/storage-driver-s3` package starting in version 9.22.0 and prior to version 12.0.1... |
| N/A | 2025-03-26 | CVE-2024-41643 | cve | An issue in Arris NVG443B 9.3.0h3d36 allows a physically proximate attacker to execute arbitrary code via the cshell login component. |
| N/A | 2025-03-26 | CVE-2025-2499 | cve | Client side access control bypass in the permission component in Devolutions Remote Desktop Manager on Windows. An authenticated user can exploit this flaw to bypass certain pe... |
| N/A | 2025-03-26 | CVE-2025-2528 | cve | Improper authorization in application password policy in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a configuration different from the on... |
| N/A | 2025-03-26 | CVE-2025-2562 | cve | Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a stored password without generating a corres... |
| N/A | 2025-03-26 | CVE-2025-2600 | cve | Improper authorization in the variable component in Devolutions Remote Desktop Manager on Windows allows an authenticated password to use the ELEVATED_PASSWORD variable even tho... |
| N/A | 2025-03-26 | CVE-2025-30351 | cve | Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 10.10.0 and prior to version 11.5.0, a suspended user can use the token gene... |
| N/A | 2025-03-26 | CVE-2025-30352 | cve | Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.0.0-alpha.4 and prior to version 11.5.0, the `search` query parameter allo... |
| N/A | 2025-03-26 | CVE-2025-30353 | cve | Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.12.0 and prior to version 11.5.0, when a Flow with the "Webhook" trigger a... |
| N/A | 2025-03-26 | CVE-2025-25535 | cve | HTTP Response Manipulation in SCRIPT CASE v.1.0.002 Build7 allows a remote attacker to escalate privileges via a crafted request. |
| N/A | 2025-03-26 | CVE-2025-26001 | cve | Telesquare TLR-2005KSH 1.1.4 is vulnerable to Information Disclosure via the parameter getUserNamePassword. |
| N/A | 2025-03-26 | CVE-2025-26002 | cve | Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setSyncTimeHost. |
| N/A | 2025-03-26 | CVE-2025-26003 | cve | Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized command execution vulnerability when requesting the admin.cgi parameter with setAutorest. |
| N/A | 2025-03-26 | CVE-2025-26004 | cve | Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack buffer overflow vulnerability when requesting admin.cgi parameter with setDdns. |
| N/A | 2025-03-26 | CVE-2025-29322 | cve | A cross-site scripting (XSS) vulnerability in ScriptCase before v1.0.003 - Build 3 allows attackers to execute arbitrary code via a crafted payload to the "Connection Name" in t... |
| 6.4 | 2025-03-26 | CVE-2024-13411 | cve | The Zapier for WordPress plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.5.1 via the updated_user() function. This make... |
| 7.2 | 2025-03-26 | CVE-2024-13889 | cve | The WordPress Importer plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 0.8.3 via deserialization of untrusted input in the '... |
| Page(s) : 1 ... 648 649 650 651 652 653 654 655 656 657 [658] 659 660 661 662 663 664 665 666 667 668 ... | Result(s) : 299846 |
