| Page(s) : 1 ... 900 901 902 903 904 905 906 907 908 909 [910] 911 912 913 914 915 916 917 918 919 920 ... | Result(s) : 300446 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.8 | 2025-02-25 | CVE-2025-26600 | cve | A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying... |
| 7.8 | 2025-02-25 | CVE-2025-26601 | cve | A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as re... |
| 7.3 | 2025-02-25 | CVE-2025-1067 | cve | There is an untrusted search path vulnerability in Esri ArcGIS Pro 3.3 and 3.4 that may allow a low privileged attacker with write privileges to the local file system to introdu... |
| 7.3 | 2025-02-25 | CVE-2025-1068 | cve | There is an untrusted search path vulnerability in Esri ArcGIS AllSource 1.2 and 1.3 that may allow a low privileged attacker with write privileges to the local file system to i... |
| N/A | 2025-02-25 | CVE-2025-1204 | cve | The "update" binary in the firmware of the affected product sends attempts to mount to a hard-coded, routable IP address, bypassing existing device network settings to do so. Th... |
| 8.8 | 2025-02-25 | CVE-2024-12368 | cve | Improper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0 allows an internal user to export the OAuth tokens of other users. |
| 7.5 | 2025-02-25 | CVE-2025-23046 | cve | GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.18, if a "Mail servers" authentication provider is configured to use... |
| 6.5 | 2025-02-25 | CVE-2025-25192 | cve | GLPI is a free asset and IT management software package. Prior to version 10.0.18, a low privileged user can enable debug mode and access sensitive information. Version 10.0.18 ... |
| N/A | 2025-02-25 | CVE-2025-1676 | cve | A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. Affected by this vulnerability is the function pdf2swf of the file /pdf2swf. Th... |
| 5.3 | 2025-02-25 | CVE-2025-1262 | cve | The Advanced Google reCaptcha plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 1.27 . This makes it possible for unauthenticated attackers ... |
| N/A | 2025-02-25 | CVE-2024-51539 | cve | The Dell Secure Connect Gateway (SCG) Application and Appliance, versions prior to 5.28, contains a SQL injection vulnerability due to improper neutralization of special element... |
| N/A | 2025-02-25 | CVE-2024-10545 | cve | The Photo Gallery, Sliders, Proofing and WordPress plugin before 3.59.9 does not sanitise and escape some of its Image settings, which could allow high privilege users such as... |
| N/A | 2025-02-25 | CVE-2025-22210 | cve | A SQL injection vulnerability in the Hikashop component versions 3.3.0-5.1.4 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands in the c... |
| 5.3 | 2025-02-25 | CVE-2025-1063 | cve | The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.... |
| 9.8 | 2025-02-25 | CVE-2025-1128 | cve | The Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary file upload, read, and deletion ... |
| 7.5 | 2025-02-25 | CVE-2025-1648 | cve | The Yawave plugin for WordPress is vulnerable to SQL Injection via the 'lbid' parameter in all versions up to, and including, 2.9.1 due to insufficient escaping on the... |
| 8.2 | 2025-02-25 | CVE-2025-1673 | cve | A malicious or malformed DNS packet without a payload can cause an out-of-bounds read, resulting in a crash (denial of service) or an incorrect computation. |
| 4.3 | 2025-02-25 | CVE-2024-13494 | cve | The WordPress File Upload plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.25.2. This is due to missing or incorrect nonc... |
| 8.2 | 2025-02-25 | CVE-2025-1674 | cve | A lack of input validation allows for out of bounds reads caused by malicious or malformed packets. |
| 9.1 | 2025-02-25 | CVE-2025-1675 | cve | The function dns_copy_qname in dns_pack.c performs performs a memcpy operation with an untrusted field and does not check if the source buffer is large enough to contain the cop... |
| Page(s) : 1 ... 900 901 902 903 904 905 906 907 908 909 [910] 911 912 913 914 915 916 917 918 919 920 ... | Result(s) : 300446 |
