| Page(s) : 1 ... 64 65 66 67 68 69 70 71 72 73 [74] 75 76 77 78 79 80 81 82 83 84 ... | Result(s) : 124961 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.5 | 2025-05-01 | CVE-2022-49839 | cve | In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_transport_sas: Fix error handling in sas_phy_add() If transport_add_device() fails in sas_phy_ad... |
| 5.5 | 2025-05-01 | CVE-2022-49837 | cve | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in __check_func_call kmemleak reports this issue: unreferenced object 0xffff88817139... |
| 5.5 | 2025-05-01 | CVE-2024-13845 | cve | The Gravity Forms WebHooks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.0 via the 'process_feed' method ... |
| 5.4 | 2025-05-01 | CVE-2025-4099 | cve | The List Children plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'list_children' shortcode in all versions up to, and includin... |
| 5.4 | 2025-04-30 | CVE-2025-45019 | cve | A SQL injection vulnerability was discovered in /add-foreigners-ticket.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers t... |
| 5.4 | 2025-04-30 | CVE-2025-4136 | cve | A vulnerability was found in Weitong Mall 1.0.0. It has been classified as critical. This affects an unknown part of the component Sale Endpoint. The manipulation of the argumen... |
| 6.3 | 2025-04-30 | CVE-2025-4135 | cve | A vulnerability was found in Netgear WG302v2 up to 5.2.9 and classified as critical. Affected by this issue is the function ui_get_input_value. The manipulation of the argument ... |
| 6.5 | 2025-04-30 | CVE-2025-3953 | cve | The WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check ... |
| 6.1 | 2025-04-30 | CVE-2025-3859 | cve | Websites directing users to long URLs that caused eliding to occur in the location view could leverage the truncating behavior to potentially trick users into thinking they were... |
| 5.5 | 2025-04-30 | CVE-2025-3395 | cve | Incorrect Permission Assignment for Critical Resource, Cleartext Storage of Sensitive Information vulnerability in ABB Automation Builder.This issue affects Automation Builder: ... |
| 5.3 | 2025-04-30 | CVE-2025-32972 | cve | XWiki is a generic wiki platform. In versions starting from 6.1-milestone-1 to before 15.10.12, from 16.0.0-rc-1 to before 16.4.3, and from 16.5.0-rc-1 to before 16.8.0-rc-1, th... |
| 6.1 | 2025-04-30 | CVE-2025-32970 | cve | XWiki is a generic wiki platform. In versions starting from 13.5-rc-1 to before 15.10.13, from 16.0.0-rc-1 to before 16.4.4, and from 16.5.0-rc-1 to before 16.8.0, an open redir... |
| 4.3 | 2025-04-30 | CVE-2025-32376 | cve | Discourse is an open-source discussion platform. Prior to versions 3.4.3 on the stable branch and 3.5.0.beta3 on the beta branch, the users limit for a DM can be bypassed, thus ... |
| 6.5 | 2025-04-30 | CVE-2025-30422 | cve | A buffer overflow was addressed with improved input validation. This issue is fixed in AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, CarPlay Communication Plug-in R18.1.... |
| 6.5 | 2025-04-30 | CVE-2025-2890 | cve | The tagDiv Opt-In Builder plugin for WordPress is vulnerable to time-based SQL Injection via the ‘subscriptionCouponId’ parameter in all versions up to, and including, 1.7 due t... |
| 6.5 | 2025-04-30 | CVE-2025-24132 | cve | The issue was addressed with improved memory handling. This issue is fixed in AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, CarPlay Communication Plug-in R18.1. An attac... |
| 6.3 | 2025-04-30 | CVE-2025-24887 | cve | OpenCTI is an open-source cyber threat intelligence platform. In versions starting from 6.4.8 to before 6.4.10, the allow/deny lists can be bypassed, allowing a user to change a... |
| 6.1 | 2025-04-29 | CVE-2025-46550 | cve | YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the `/?BazaR` endpoint and `idformulaire` parameter are vulnerable to cross-site scripting. An attacker can use ... |
| 6.1 | 2025-04-29 | CVE-2025-46549 | cve | YesWiki is a wiki system written in PHP. Prior to version 4.5.4, an attacker can use a reflected cross-site scripting attack to steal cookies from an authenticated user by havin... |
| 4.8 | 2025-04-29 | CVE-2025-46350 | cve | YesWiki is a wiki system written in PHP. Prior to version 4.5.4, an attacker can use a reflected cross-site scripting attack to steal cookies from an authenticated user by havin... |
| Page(s) : 1 ... 64 65 66 67 68 69 70 71 72 73 [74] 75 76 77 78 79 80 81 82 83 84 ... | Result(s) : 124961 |
