| Page(s) : 1 ... 57 58 59 60 61 62 63 64 65 66 [67] 68 69 70 71 72 73 74 75 76 77 ... | Result(s) : 114978 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5 | 2025-04-25 | CVE-2025-2070 | cve | An improper XML parsing vulnerability was reported in the FileZ client that could allow arbitrary file reads on the system if a crafted url is visited by a local user. |
| 5 | 2025-04-25 | CVE-2025-2069 | cve | A cross-site scripting vulnerability was reported in the FileZ client that could allow execution of code if a crafted url is visited by a local user. |
| 5 | 2025-04-25 | CVE-2025-2068 | cve | An open redirect vulnerability was reported in the FileZ client that could allow information disclosure if a crafted url is visited by a local user. |
| 6.4 | 2025-04-24 | CVE-2025-3832 | cve | The FuseDesk plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘successredirect’ parameter in all versions up to, and including, 6.7 due to insufficient ... |
| 4.2 | 2025-04-24 | CVE-2025-3793 | cve | The Buddypress Force Password Change plugin for WordPress is vulnerable to authenticated account takeover due to the plugin not properly validating a user's identity prior ... |
| 6.4 | 2025-04-24 | CVE-2025-3749 | cve | The Breeze Display plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘cal_size’ parameter in all versions up to, and including, 1.2.3 due to insufficient... |
| 4.4 | 2025-04-24 | CVE-2025-3435 | cve | The Mang Board WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the board_header and board_footer parameters in all versions up to, and including, 1.8.6 ... |
| 6.5 | 2025-04-24 | CVE-2025-3280 | cve | The ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes plugin for WordPress is vulnerable to SQL Injection via the 'attribute_value_filter' parameter in... |
| 6.4 | 2025-04-24 | CVE-2025-2579 | cve | The Lottie Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via File uploads in all versions up to, and including, 1.1.8 due to insufficient input saniti... |
| 6.4 | 2025-04-24 | CVE-2025-2543 | cve | The Advanced Accordion Gutenberg Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.0.1 due to ... |
| 6.7 | 2025-04-24 | CVE-2025-1976 | cve | Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privile... |
| 4.3 | 2025-04-24 | CVE-2025-1284 | cve | The Woocommerce Automatic Order Printing | ( Formerly WooCommerce Google Cloud Print) plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up t... |
| 5.3 | 2025-04-24 | CVE-2024-13307 | cve | The Reales WP - Real Estate WordPress Theme theme for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'reales... |
| 5.3 | 2025-04-24 | CVE-2021-47664 | cve | Due to improper authentication mechanism an unauthenticated remote attacker can enumerate valid usernames. |
| 5.3 | 2025-04-23 | CVE-2025-2595 | cve | An unauthenticated remote attacker can bypass the user management in CODESYS Visualization and read visualization template files or static elements by means of forced browsing. |
| 4.3 | 2025-04-23 | CVE-2025-25045 | cve | IBM InfoSphere Information 11.7 Server authenticated user to obtain sensitive information when a detailed technical error message is returned in a request. This information cou... |
| 6.4 | 2025-04-23 | CVE-2025-1054 | cve | The UiCore Elements – Free Elementor widgets and templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the UI Counter, UI Icon Box, UI Testimonial Slid... |
| 6.3 | 2025-04-23 | CVE-2024-22351 | cve | IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. |
| 5.4 | 2025-04-22 | CVE-2025-46254 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder allows Stored XSS... |
| 5.4 | 2025-04-22 | CVE-2025-46253 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ataur R GutenKit allows Stored XSS. This issue affects GutenKit: ... |
| Page(s) : 1 ... 57 58 59 60 61 62 63 64 65 66 [67] 68 69 70 71 72 73 74 75 76 77 ... | Result(s) : 114978 |
