| Page(s) : 1 ... 684 685 686 687 688 689 690 691 692 693 [694] 695 696 697 698 699 700 701 702 703 704 ... | Result(s) : 299922 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 4.3 | 2025-03-20 | CVE-2025-1314 | cve | The Custom Twitter Feeds – A Tweets Widget or X Feed Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.5. This is... |
| 5.3 | 2025-03-20 | CVE-2025-1766 | cve | The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on... |
| 8.8 | 2025-03-20 | CVE-2025-1770 | cve | The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.24 via ... |
| N/A | 2025-03-20 | CVE-2025-22228 | cve | BCryptPasswordEncoder.matches(CharSequence,String) will incorrectly return true for passwords larger than 72 characters as long as the first 72 characters are the same. |
| 6.4 | 2025-03-20 | CVE-2025-2108 | cve | The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Site Title’ widget's 'title_tag' an... |
| 9.8 | 2025-03-20 | CVE-2024-12016 | cve | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CM Informatics CM News allows SQL Injection.This issue affects CM... |
| N/A | 2025-03-20 | CVE-2025-1385 | cve | When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a library from a sp... |
| 9.8 | 2025-03-20 | CVE-2025-2505 | cve | The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 3.5.3 via the 'lang' parameter. This makes it possibl... |
| N/A | 2025-03-20 | CVE-2024-47552 | cve | Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): from 2.0.0 before 2.2.0. Users are recommended to u... |
| N/A | 2025-03-20 | CVE-2024-54016 | cve | Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): through |
| N/A | 2025-03-20 | CVE-2024-0245 | cve | A misconfiguration in the AndroidManifest.xml file in hamza417/inure before build97 allows for task hijacking. This vulnerability permits malicious applications to inherit permi... |
| N/A | 2025-03-20 | CVE-2024-0640 | cve | A stored cross-site scripting (XSS) vulnerability exists in chatwoot/chatwoot versions 3.0.0 to 3.5.1. This vulnerability allows an admin user to inject malicious JavaScript cod... |
| N/A | 2025-03-20 | CVE-2024-10019 | cve | A vulnerability in the `start_app_server` function of parisneo/lollms-webui V12 (Strawberry) allows for path traversal and OS command injection. The function does not properly s... |
| N/A | 2025-03-20 | CVE-2024-10047 | cve | parisneo/lollms-webui versions v9.9 to the latest are vulnerable to a directory listing vulnerability. An attacker can list arbitrary directories on a Windows system by sending ... |
| N/A | 2025-03-20 | CVE-2024-10051 | cve | Realchar version v0.0.4 is vulnerable to an unauthenticated denial of service (DoS) attack. The vulnerability exists in the file upload request handling, where appending charact... |
| N/A | 2025-03-20 | CVE-2024-10096 | cve | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| N/A | 2025-03-20 | CVE-2024-10109 | cve | A vulnerability in the mintplex-labs/anything-llm repository, as of commit 5c40419, allows low privilege users to access the sensitive API endpoint "/api/system/custom-models". ... |
| N/A | 2025-03-20 | CVE-2024-10110 | cve | In version 3.23.0 of aimhubio/aim, the ScheduledStatusReporter object can be instantiated to run on the main thread of the tracking server, leading to the main thread being bloc... |
| N/A | 2025-03-20 | CVE-2024-10188 | cve | A vulnerability in BerriAI/litellm, as of commit 26c03c9, allows unauthenticated users to cause a Denial of Service (DoS) by exploiting the use of ast.literal_eval to parse user... |
| N/A | 2025-03-20 | CVE-2024-10190 | cve | Horovod versions up to and including v0.28.1 are vulnerable to unauthenticated remote code execution. The vulnerability is due to improper handling of base64-encoded data in the... |
| Page(s) : 1 ... 684 685 686 687 688 689 690 691 692 693 [694] 695 696 697 698 699 700 701 702 703 704 ... | Result(s) : 299922 |
