| Page(s) : 1 ... 705 706 707 708 709 710 711 712 713 714 [715] 716 717 718 719 720 721 722 723 724 725 ... | Result(s) : 299944 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-19 | CVE-2024-55551 | cve | An issue was discovered in Exasol JDBC driver before 24.2.1 (2024-12-10). Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the proce... |
| 8 | 2025-03-19 | CVE-2024-42176 | cve | HCL MyXalytics is affected by concurrent login vulnerability. A concurrent login vulnerability occurs when simultaneous active sessions are allowed for a single credential allow... |
| N/A | 2025-03-19 | CVE-2025-1472 | cve | Mattermost versions 9.11.x |
| 8.8 | 2025-03-19 | CVE-2024-12295 | cve | The BoomBox Theme Extensions plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.8.0. This is due to the plug... |
| 5.3 | 2025-03-19 | CVE-2025-2290 | cve | The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to Unauthenticated Post Trashing due to a missing capability check on the dele... |
| N/A | 2025-03-19 | CVE-2025-30234 | cve | SmartOS, as used in Triton Data Center and other products, has static host SSH keys in the 60f76fd2-143f-4f57-819b-1ae32684e81b image (a Debian 12 LX zone image from 2024-07-26). |
| 9.8 | 2025-03-19 | CVE-2024-12922 | cve | The Altair theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check within functions.php in... |
| N/A | 2025-03-19 | CVE-2024-50629 | cve | Improper encoding or escaping of output vulnerability in the webapi component in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.1.... |
| N/A | 2025-03-19 | CVE-2024-50630 | cve | Missing authentication for critical function vulnerability in the webapi component in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows r... |
| N/A | 2025-03-19 | CVE-2024-50631 | cve | Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-1... |
| N/A | 2025-03-19 | CVE-2025-1232 | cve | The Site Reviews WordPress plugin before 7.2.5 does not properly sanitise and escape some of its Review fields, which could allow unauthenticated users to perform Stored XSS att... |
| N/A | 2025-03-19 | CVE-2025-30235 | cve | Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 is intended to disable accounts that have had more than 10 failed authentication attempts, but instead allows hundreds of ... |
| N/A | 2025-03-19 | CVE-2025-30236 | cve | Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 allows authentication through only a six-digit TOTP code (skipping a password check) if an HTTP POST request contains a SE... |
| 9.8 | 2025-03-19 | CVE-2024-13410 | cve | The CozyStay and TinySalt plugins for WordPress are vulnerable to PHP Object Injection in all versions up to, and including, 1.7.0, and in all versions up to, and including 3.9.... |
| 7.5 | 2025-03-19 | CVE-2024-13412 | cve | The CozyStay theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_handler function in all versions up to, and inc... |
| 7.8 | 2025-03-19 | CVE-2024-12136 | cve | Missing Critical Step in Authentication vulnerability in Elfatek Elektronics ANKA JPD-00028 allows Authentication Bypass.This issue affects ANKA JPD-00028: before V.01.01. |
| N/A | 2025-03-19 | CVE-2024-12137 | cve | Authentication Bypass by Capture-replay vulnerability in Elfatek Elektronics ANKA JPD-00028 allows Session Hijacking.This issue affects ANKA JPD-00028: before V.01.01. |
| 9.8 | 2025-03-19 | CVE-2024-13790 | cve | The MinimogWP – The High Converting eCommerce WordPress Theme theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.7.0 via the '... |
| N/A | 2025-03-19 | CVE-2025-27018 | cve | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Airflow MySQL Provider. When user triggered a DAG with du... |
| N/A | 2025-03-19 | CVE-2024-10441 | cve | Improper encoding or escaping of output vulnerability in the system plugin daemon in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before ... |
| Page(s) : 1 ... 705 706 707 708 709 710 711 712 713 714 [715] 716 717 718 719 720 721 722 723 724 725 ... | Result(s) : 299944 |
