| Page(s) : 1 ... 755 756 757 758 759 760 761 762 763 764 [765] 766 767 768 769 770 771 772 773 774 775 ... | Result(s) : 325906 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2025-03-13 | CVE-2025-2263 | cve | During login to the web server in "Sante PACS Server.exe", OpenSSL function EVP_DecryptUpdate is called to decrypt the username and password. A fixed 0x80-byte stack-based buffe... |
| 7.5 | 2025-03-13 | CVE-2025-2264 | cve | A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.exe". An unauthenticated remote attacker can exploit it to download arbitrary files on the dis... |
| N/A | 2025-03-13 | CVE-2025-2265 | cve | The password of a web user in "Sante PACS Server.exe" is zero-padded to 0x2000 bytes, SHA1-hashed, base64-encoded, and stored in the USER table in the SQLite database HTTP.db. H... |
| N/A | 2025-03-13 | CVE-2025-2284 | cve | A denial-of-service vulnerability exists in the "GetWebLoginCredentials" function in "Sante PACS Server.exe". |
| N/A | 2025-03-13 | CVE-2024-30143 | cve | HCL AppScan Traffic Recorder fails to adequately neutralize special characters within the filename, potentially allowing it to resolve to a location beyond the restricted direct... |
| 7.2 | 2025-03-13 | CVE-2025-24053 | cve | Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network. |
| N/A | 2025-03-13 | CVE-2025-25363 | cve | An authenticated stored cross-site scripting (XSS) vulnerability in The Plugin People Enterprise Mail Handler for Jira Data Center (JEMH) before v4.1.69-dc allows attackers with... |
| N/A | 2025-03-13 | CVE-2025-25598 | cve | Incorrect access control in the scheduled tasks console of Inova Logic CUSTOMER MONITOR (CM) v3.1.757.1 allows attackers to escalate privileges via placing a crafted executable ... |
| N/A | 2025-03-13 | CVE-2025-27496 | cve | Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver ("Driver") in versions 3.0.13 through... |
| N/A | 2025-03-13 | CVE-2025-2229 | cve | A token is created using the username, current date/time, and a fixed AES-128 encryption key, which is the same across all installations. |
| N/A | 2025-03-13 | CVE-2025-2230 | cve | A flaw exists in the Windows login flow where an AuthContext token can be exploited for replay attacks and authentication bypass. |
| N/A | 2025-03-13 | CVE-2025-21104 | cve | Dell NetWorker, versions prior to 19.12.0.1 and versions prior to 19.11.0.4, contain(s) an Open Redirect Vulnerability in NMC. An unauthenticated attacker with remoter access co... |
| N/A | 2025-03-13 | CVE-2025-29994 | cve | This vulnerability exists in the CAP back office application due to improper authentication check at the API endpoint. An unauthenticated remote attacker with a valid login ID c... |
| N/A | 2025-03-13 | CVE-2025-29995 | cve | This vulnerability exists in the CAP back office application due to a weak password-reset mechanism implemented at API endpoints. An authenticated remote attacker with a valid l... |
| N/A | 2025-03-13 | CVE-2025-29996 | cve | This vulnerability exists in the CAP back office application due to improper implementation of OTP verification mechanism in its API based login. A remote attacker with valid cr... |
| N/A | 2025-03-13 | CVE-2025-29997 | cve | This vulnerability exists in the CAP back office application due to improper authorization checks on certain API endpoints. An authenticated remote attacker could exploit this v... |
| N/A | 2025-03-13 | CVE-2025-29998 | cve | This vulnerability exists in the CAP back office application due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this... |
| 7.5 | 2025-03-13 | CVE-2024-10942 | cve | The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 7.89 via deserialization of untrusted inp... |
| N/A | 2025-03-13 | CVE-2025-1635 | cve | Exposure of sensitive information in hub data source export feature in Devolutions Remote Desktop Manager 2024.3.29 and earlier on Windows allows a user exporting a hub data sou... |
| N/A | 2025-03-13 | CVE-2025-1636 | cve | Exposure of sensitive information in My Personal Credentials password history component in Devolutions Remote Desktop Manager 2024.3.29 and earlier on Windows allows an authenti... |
| Page(s) : 1 ... 755 756 757 758 759 760 761 762 763 764 [765] 766 767 768 769 770 771 772 773 774 775 ... | Result(s) : 325906 |
