| Page(s) : 1 ... 58 59 60 61 62 63 64 65 66 67 [68] 69 70 71 72 73 74 75 76 77 78 ... | Result(s) : 124957 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.4 | 2025-05-05 | CVE-2025-4256 | cve | A vulnerability classified as problematic was found in SeaCMS 13.2. This vulnerability affects unknown code of the file /admin_paylog.php. The manipulation of the argument cstat... |
| 5.4 | 2025-05-05 | CVE-2025-39363 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AlphaEfficiencyTeam Custom Login and Registration allows Stored X... |
| 4.8 | 2025-05-05 | CVE-2025-3583 | cve | The Newsletter WordPress plugin before 8.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Sit... |
| 5.7 | 2025-05-05 | CVE-2025-20670 | cve | In Modem, there is a possible permission bypass due to improper certificate validation. This could lead to remote information disclosure, if a UE has connected to a rogue base s... |
| 5.5 | 2025-05-05 | CVE-2025-20665 | cve | In devinfo, there is a possible information disclosure due to a missing SELinux policy. This could lead to local information disclosure of device identifier with no additional e... |
| 6.5 | 2025-05-05 | CVE-2025-1000 | cve | IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 could allow an authenticated user to cause a denial of servic... |
| 6.5 | 2025-05-05 | CVE-2025-0915 | cve | IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 under specific configurations could allow an authenticated ... |
| 5.3 | 2025-05-05 | CVE-2024-11615 | cve | The Envolve Plugin plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.0 via the 'zetra_deleteLanguageFile' and '... |
| 6.1 | 2025-05-03 | CVE-2025-4199 | cve | The Abundatrade Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.02. This is due to missing or incorrect nonce v... |
| 6.1 | 2025-05-03 | CVE-2025-4198 | cve | The Alink Tap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.1. This is due to missing or incorrect nonce validation ... |
| 6.1 | 2025-05-03 | CVE-2025-4188 | cve | The Advanced Reorder Image Text Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or inco... |
| 6.4 | 2025-05-03 | CVE-2025-4172 | cve | The VerticalResponse Newsletter Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'verticalresponse' shortcode in all vers... |
| 6.4 | 2025-05-03 | CVE-2025-4170 | cve | The Xavin's Review Ratings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'xrr' shortcode in all versions up to, and incl... |
| 6.4 | 2025-05-03 | CVE-2025-4168 | cve | The Subpage List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'subpages' shortcode in all versions up to, and including, 1.3... |
| 6.4 | 2025-05-03 | CVE-2025-3815 | cve | The SurveyJS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.12.32 due to insufficient input san... |
| 6.4 | 2025-05-03 | CVE-2025-3779 | cve | The Personizely plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘widgetId’ parameter in all versions up to, and including, 0.10 due to insufficient inp... |
| 6.5 | 2025-05-03 | CVE-2025-1838 | cve | IBM Cloud Pak for Business Automation 24.0.0 and 24.0.1 through 24.0.1 IF001 Authoring allows an authenticated user to bypass client-side data validation in an authoring use... |
| 4.3 | 2025-05-03 | CVE-2025-1495 | cve | IBM Business Automation Workflow 24.0.0 and 24.0.1 through 24.0.1 IF001 Center may leak sensitive information due to missing authorization validation. |
| 6.1 | 2025-05-03 | CVE-2024-41753 | cve | IBM Cloud Pak for Business Automation 24.0.0 through 24.0.0 IF004 and 24.0.1 through 24.0.1 IF001 is vulnerable to cross-site scripting. This vulnerability allows an unauthentic... |
| 5.4 | 2025-05-02 | CVE-2025-47201 | cve | In Intrexx Portal Server before 12.0.4, multiple Velocity-Scripts are susceptible to the execution of unrequested JavaScript code in HTML, aka XSS. |
| Page(s) : 1 ... 58 59 60 61 62 63 64 65 66 67 [68] 69 70 71 72 73 74 75 76 77 78 ... | Result(s) : 124957 |
