| Page(s) : 1 ... 790 791 792 793 794 795 796 797 798 799 [800] 801 802 803 804 805 806 807 808 809 810 ... | Result(s) : 300249 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-06 | CVE-2025-20930 | cve | Out-of-bounds read in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory. |
| N/A | 2025-03-06 | CVE-2025-20931 | cve | Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code. |
| N/A | 2025-03-06 | CVE-2025-20932 | cve | Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to?read out-of-bounds memory. |
| N/A | 2025-03-06 | CVE-2025-20933 | cve | Out-of-bounds read in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory. |
| N/A | 2025-03-06 | CVE-2025-22623 | cve | Ad Inserter - Ad Manager and AdSense Ads 2.8.0 was found to be vulnerable. The web application dynamically generates web content without validating the source of the potentially... |
| N/A | 2025-03-05 | CVE-2025-27622 | cve | Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing `config.xml` of agents via REST API or CLI, allowing attackers with... |
| N/A | 2025-03-05 | CVE-2025-27623 | cve | Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing `config.xml` of views via REST API or CLI, allowing attackers with ... |
| N/A | 2025-03-05 | CVE-2025-27624 | cve | A cross-site request forgery (CSRF) vulnerability in Jenkins 2.499 and earlier, LTS 2.492.1 and earlier allows attackers to have users toggle their collapsed/expanded status of ... |
| N/A | 2025-03-05 | CVE-2025-27625 | cve | In Jenkins 2.499 and earlier, LTS 2.492.1 and earlier, redirects starting with backslash (`\`) characters are considered safe, allowing attackers to perform phishing attacks by ... |
| N/A | 2025-03-05 | CVE-2024-31525 | cve | Peppermint Ticket Management 0.4.6 is vulnerable to Incorrect Access Control. A regular registered user is able to elevate his privileges to admin and gain complete access to th... |
| N/A | 2025-03-05 | CVE-2024-48246 | cve | Vehicle Management System 1.0 contains a Stored Cross-Site Scripting (XSS) vulnerability in the "Name" parameter of /vehicle-management/booking.php. |
| N/A | 2025-03-05 | CVE-2025-27513 | cve | OpenTelemetry dotnet is a dotnet telemetry framework. A vulnerability in OpenTelemetry.Api package 1.10.0 to 1.11.1 could cause a Denial of Service (DoS) when a tracestate and t... |
| N/A | 2025-03-05 | CVE-2025-27515 | cve | Laravel is a web application framework. When using wildcard validation to validate a given file or image field (`files.*`), a user-crafted malicious request could potentially by... |
| N/A | 2025-03-05 | CVE-2025-2003 | cve | Incorrect authorization in PAM vaults in Devolutions Server 2024.3.12 and earlier allows an authenticated user to bypass the 'add in root' permission. |
| N/A | 2025-03-05 | CVE-2024-51144 | cve | Cross Site Request Forgery (CSRF) vulnerability exists in the 'pvmsg.php?action=add_message', pvmsg.php?action=confirm_delete , and ajax.server.php?page=user&action=fl... |
| N/A | 2025-03-05 | CVE-2025-27517 | cve | Volt is an elegantly crafted functional API for Livewire. Malicious, user-crafted request payloads could potentially lead to remote code execution within Volt components. This v... |
| N/A | 2025-03-05 | CVE-2024-57174 | cve | A misconfiguration in Alphion ASEE-1443 Firmware v0.4.H.00.02.15 defines a previously unregistered domain name as the default DNS suffix. This allows attackers to register the u... |
| N/A | 2025-03-05 | CVE-2025-25362 | cve | A Server-Side Template Injection (SSTI) vulnerability in Spacy-LLM v0.7.2 allows attackers to execute arbitrary code via injecting a crafted payload into the template field. |
| N/A | 2025-03-05 | CVE-2025-25632 | cve | Tenda AC15 v15.03.05.19 is vulnerable to Command Injection via the handler function in /goform/telnet. |
| N/A | 2025-03-05 | CVE-2025-25634 | cve | A vulnerability has been found in Tenda AC15 15.03.05.19 in the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src lead... |
| Page(s) : 1 ... 790 791 792 793 794 795 796 797 798 799 [800] 801 802 803 804 805 806 807 808 809 810 ... | Result(s) : 300249 |
