| Page(s) : 1 ... 780 781 782 783 784 785 786 787 788 789 [790] 791 792 793 794 795 796 797 798 799 800 ... | Result(s) : 325916 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 4.3 | 2025-03-11 | CVE-2025-27436 | cve | The Manage Bank Statements in SAP S/4HANA does not perform required access control checks for an authenticated user to confirm whether a request to interact with a resource is l... |
| 7.2 | 2025-03-11 | CVE-2024-11253 | cve | A post-authentication command injection vulnerability in the "DNSServer” parameter of the diagnostic function in the Zyxel VMG8825-T50K firmware version V5.50(ABOM.8.5)C0 and ea... |
| 7.2 | 2025-03-11 | CVE-2024-12009 | cve | A post-authentication command injection vulnerability in the "ZyEE" function of the Zyxel EX5601-T1 firmware version V5.70(ACDZ.3.6)C0 and earlier could allow an authenticated a... |
| 7.2 | 2025-03-11 | CVE-2024-12010 | cve | A post-authentication command injection vulnerability in the ”zyUtilMailSend” function of the Zyxel AX7501-B1 firmware version V5.17(ABPC.5.3)C0 and earlier could allow an authe... |
| 6.1 | 2025-03-11 | CVE-2024-13436 | cve | The Appsero Helper plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.2. This is due to missing or incorrect nonce valida... |
| 9.8 | 2025-03-11 | CVE-2025-1661 | cve | The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.6.5 via the 't... |
| N/A | 2025-03-11 | CVE-2025-26707 | cve | Improper Privilege Management vulnerability in ZTE GoldenDB allows Privilege Escalation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.05. |
| 7.3 | 2025-03-11 | CVE-2025-2169 | cve | The The WPCS – WordPress Currency Switcher Professional plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.2.0.4. This i... |
| N/A | 2025-03-10 | CVE-2025-25907 | cve | tianti v2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /user/ajax/save. This vulnerability allows attackers to execute arbitrary operations ... |
| N/A | 2025-03-10 | CVE-2025-25908 | cve | A stored cross-site scripting (XSS) vulnerability in tianti v2.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the coverImageURL... |
| N/A | 2025-03-10 | CVE-2025-27910 | cve | tianti v2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /user/ajax/upd/status. This vulnerability allows attackers to execute arbitrary opera... |
| N/A | 2025-03-10 | CVE-2025-27610 | cve | Rack provides an interface for developing web applications in Ruby. Prior to versions 2.2.13, 3.0.14, and 3.1.12, `Rack::Static` can serve files under the specified `root:` even... |
| N/A | 2025-03-10 | CVE-2025-27924 | cve | Nintex Automation 5.6 and 5.7 before 5.8 has a stored XSS issue associated with the "Navigate to a URL" action. |
| N/A | 2025-03-10 | CVE-2025-27925 | cve | Nintex Automation 5.6 and 5.7 before 5.8 has insecure deserialization of user input. |
| N/A | 2025-03-10 | CVE-2025-27926 | cve | In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config) containing passwords that are readable by unauthorized users. |
| N/A | 2025-03-10 | CVE-2022-43454 | cve | A double free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An app may be abl... |
| N/A | 2025-03-10 | CVE-2022-48610 | cve | This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2. An app may be able to access user-s... |
| N/A | 2025-03-10 | CVE-2025-27913 | cve | Passbolt API before 5, if the server is misconfigured (with an incorrect installation process and disregarding of Health Check results), can send email messages with a domain na... |
| N/A | 2025-03-10 | CVE-2024-56191 | cve | In dhd_process_full_gscan_result of dhd_pno.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution ... |
| N/A | 2025-03-10 | CVE-2024-56192 | cve | In wl_notify_gscan_event of wl_cfgscan.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additio... |
| Page(s) : 1 ... 780 781 782 783 784 785 786 787 788 789 [790] 791 792 793 794 795 796 797 798 799 800 ... | Result(s) : 325916 |
