| Page(s) : 1 ... 861 862 863 864 865 866 867 868 869 870 [871] 872 873 874 875 876 877 878 879 880 881 ... | Result(s) : 326049 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 4.9 | 2025-02-27 | CVE-2025-1686 | cve | All versions of the package io.pebbletemplates:pebble are vulnerable to External Control of File Name or Path via the include tag. A high privileged attacker can access sensitiv... |
| N/A | 2025-02-26 | CVE-2025-1460 | cve | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| 4.3 | 2025-02-26 | CVE-2025-1726 | cve | There is a SQL injection issue in Esri ArcGIS Monitor versions 2023.0 through 2024.x on Windows and Linux that allows a remote, authenticated attacker with low privileges to imp... |
| N/A | 2025-02-26 | CVE-2024-50684 | cve | SunGrow iSolarCloud Android app V2.1.6.20241017 and prior uses an insecure AES key to encrypt client data (insufficient entropy). This may allow attackers to decrypt intercepted... |
| N/A | 2025-02-26 | CVE-2024-50685 | cve | SunGrow iSolarCloud before the October 31, 2024 remediation, is vulnerable to insecure direct object references (IDOR) via the powerStationService API model. |
| N/A | 2025-02-26 | CVE-2024-50686 | cve | SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references (IDOR) via the commonService API model. |
| N/A | 2025-02-26 | CVE-2024-50687 | cve | SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references (IDOR) via the devService API model. |
| N/A | 2025-02-26 | CVE-2024-50688 | cve | SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application (regardless of the user account) and the cloud uses the same MQ... |
| N/A | 2025-02-26 | CVE-2024-50689 | cve | SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references (IDOR) via the orgService API model. |
| N/A | 2025-02-26 | CVE-2024-50691 | cve | SunGrow iSolarCloud Android app V2.1.6.20241104 and prior suffers from Missing SSL Certificate Validation. The app explicitly ignores certificate errors and is vulnerable to MiT... |
| N/A | 2025-02-26 | CVE-2024-50693 | cve | SunGrow iSolarCloud before the October 31, 2024 remediation is vulnerable to insecure direct object references (IDOR) via the userService API model. |
| N/A | 2025-02-26 | CVE-2024-50696 | cve | SunGrow WiNet-S V200.001.00.P025 and earlier versions is missing integrity checks for firmware upgrades. Sending a specific MQTT message allows an update to an inverter or a WiN... |
| N/A | 2025-02-26 | CVE-2024-57423 | cve | A Cross Site Scripting vulnerability in CloudClassroom-PHP Project v1.0 allows a remote attacker to execute arbitrary code via the exid parameter of the assessment function. |
| N/A | 2025-02-26 | CVE-2024-53573 | cve | Unifiedtransform v2.X is vulnerable to Incorrect Access Control. Unauthorized users can access and manipulate endpoints intended exclusively for administrative use. This issue s... |
| N/A | 2025-02-26 | CVE-2024-55581 | cve | When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the default behaviour of AWS.Client is vulnerable to a man-in-the-middle attack because of lack of verification of an H... |
| N/A | 2025-02-26 | CVE-2024-57040 | cve | TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to contain a hardcoded password for the root account which can be obtained by analyzing downloaded firmware or... |
| N/A | 2025-02-26 | CVE-2025-1728 | cve | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been re... |
| N/A | 2025-02-26 | CVE-2022-49732 | cve | In the Linux kernel, the following vulnerability has been resolved: sock: redo the psock vs ULP protection check Commit 8a59f9d1e3d4 ("sock: Introduce sk->sk_prot->psock_updat... |
| N/A | 2025-02-26 | CVE-2024-52925 | cve | In OPSWAT MetaDefender Kiosk before 4.7.0, arbitrary code execution can be performed by an attacker via the MD Kiosk Unlock Device feature for software encrypted USB drives. |
| N/A | 2025-02-26 | CVE-2025-1249 | cve | Missing Authorization vulnerability in Pixelite Events Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Events Manager: from n/... |
| Page(s) : 1 ... 861 862 863 864 865 866 867 868 869 870 [871] 872 873 874 875 876 877 878 879 880 881 ... | Result(s) : 326049 |
