| Page(s) : 1 ... 60 61 62 63 64 65 66 67 68 69 [70] 71 72 73 74 75 76 77 78 79 80 ... | Result(s) : 124961 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 6.5 | 2025-05-02 | CVE-2024-55910 | cve | IBM Concert Software 1.0.0 through 1.0.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the sys... |
| 6.5 | 2025-05-02 | CVE-2024-55909 | cve | IBM Concert Software 1.0.0 through 1.0.5 could allow an authenticated user to cause a denial of service due to the expansion of archive files without controlling resource consum... |
| 5.4 | 2025-05-02 | CVE-2024-13860 | cve | The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘bbp_topic_title’ parameter in all versions up to, and including, 2.8.50 due to ... |
| 5.4 | 2025-05-02 | CVE-2024-13859 | cve | The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘bp_nouveau_ajax_media_save’ function in all versions up to, and including, 2.8.... |
| 4.3 | 2025-05-02 | CVE-2024-13420 | cve | Multiple plugins and/or themes for WordPress are vulnerable to unauthorized access due to a missing capability check on several AJAX actions like 'gsf_reset_section_options... |
| 5.4 | 2025-05-02 | CVE-2024-13419 | cve | Multiple plugins and/or themes for WordPress using Smart Framework are vulnerable to Stored Cross-Site Scripting due to a missing capability check on the saveOptions() and impor... |
| 6.5 | 2025-05-02 | CVE-2024-12023 | cve | The FULL – Cliente plugin for WordPress is vulnerable to SQL Injection via the 'formId' parameter in all versions 3.1.5 to 3.1.25 due to insufficient escaping on the u... |
| 5.4 | 2025-05-02 | CVE-2024-13858 | cve | The BuddyBoss Platform plugin and BuddyBoss Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘invitee_name’ parameter in all versions up to, and includin... |
| 5.4 | 2025-05-01 | CVE-2025-4178 | cve | A vulnerability was found in xiaowei1118 java_server up to 11a5bac8f4ba1c17e4bc1b27cad6d24868500e3a on Windows and classified as critical. This issue affects some unknown proces... |
| 6.1 | 2025-05-01 | CVE-2025-4143 | cve | The OAuth implementation in workers-oauth-provider that is part of MCP framework https://github.com/cloudflare/workers-mcp , did not correctly validate that redirect_uri was on... |
| 6.4 | 2025-05-01 | CVE-2025-4100 | cve | The Nautic Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'np_marinetraffic_map' shortcode in all versions up to, and in... |
| 5.4 | 2025-05-01 | CVE-2025-3890 | cve | The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp_cart_button' shortcode in all versions u... |
| 5.3 | 2025-05-01 | CVE-2025-3889 | cve | The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 via the 'process_payme... |
| 6.5 | 2025-05-01 | CVE-2025-3874 | cve | The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 due to lack of randomizatio... |
| 6.4 | 2025-05-01 | CVE-2025-3521 | cve | The Team Members – Best WordPress Team Plugin with Team Slider, Team Showcase & Team Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Social Link ic... |
| 4.8 | 2025-05-01 | CVE-2025-3504 | cve | The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings, which could allow high privilege users such as admin to perform Stored Cross-Si... |
| 4.8 | 2025-05-01 | CVE-2025-3503 | cve | The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings, which could allow high privilege users such as admin to perform Stored Cross-Si... |
| 4.8 | 2025-05-01 | CVE-2025-3502 | cve | The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings, which could allow high privilege users such as admin to perform Stored Cross-Si... |
| 6.5 | 2025-05-01 | CVE-2025-32890 | cve | An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. It uses a custom implementation of encryption without any additional integrity checking mecha... |
| 6.5 | 2025-05-01 | CVE-2025-32887 | cve | An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. A command channel includes the next hop. which can be intercepted and used to break frequency h... |
| Page(s) : 1 ... 60 61 62 63 64 65 66 67 68 69 [70] 71 72 73 74 75 76 77 78 79 80 ... | Result(s) : 124961 |
