| Page(s) : 1 ... 902 903 904 905 906 907 908 909 910 911 [912] 913 914 915 916 917 918 919 920 921 922 ... | Result(s) : 300446 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-02-24 | CVE-2025-27364 | cve | In MITRE Caldera through 4.2.0 and 5.0.0 before 35bc06e, a Remote Code Execution (RCE) vulnerability was found in the dynamic agent (implant) compilation functionality of the se... |
| N/A | 2025-02-24 | CVE-2025-26525 | cve | Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available (such as those with TeX Live installed). |
| N/A | 2025-02-24 | CVE-2025-26526 | cve | Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses in Feedback activities. |
| N/A | 2025-02-24 | CVE-2025-26527 | cve | Tags not expected to be visible to a user could still be discovered by them via the tag search page or in the tags block. |
| N/A | 2025-02-24 | CVE-2025-26528 | cve | The drag-and-drop onto image (ddimageortext) question type required additional sanitizing to prevent a stored XSS risk. |
| N/A | 2025-02-24 | CVE-2025-26529 | cve | Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk. |
| N/A | 2025-02-24 | CVE-2025-26530 | cve | The question bank filter required additional sanitizing to prevent a reflected XSS risk. |
| N/A | 2025-02-24 | CVE-2025-26531 | cve | Insufficient capability checks made it possible to disable badges a user does not have permission to access. |
| N/A | 2025-02-24 | CVE-2025-26532 | cve | Additional checks were required to ensure trusttext is applied (when enabled) to glossary entries being restored. |
| N/A | 2025-02-24 | CVE-2025-26533 | cve | An SQL injection risk was identified in the module list filter within course search. |
| N/A | 2025-02-24 | CVE-2025-27137 | cve | Dependency-Track is a component analysis platform that allows organizations to identify and reduce risk in the software supply chain. Dependency-Track allows users with the `SYS... |
| N/A | 2025-02-24 | CVE-2024-57608 | cve | An issue in Via Browser 6.1.0 allows a a remote attacker to execute arbitrary code via the mark.via.Shell component. |
| 9.8 | 2025-02-24 | CVE-2025-25513 | cve | Seacms |
| 9.8 | 2025-02-24 | CVE-2025-27140 | cve | WeGIA is a Web manager for charitable institutions. An OS Command Injection vulnerability was discovered in versions prior to 3.2.15 of the WeGIA application, `importar_dump.php... |
| 6.5 | 2025-02-24 | CVE-2025-27141 | cve | Metabase Enterprise Edition is the enterprise version of Metabase business intelligence and data analytics software. Starting in version 1.47.0 and prior to versions 1.50.36, 1.... |
| 8.8 | 2025-02-24 | CVE-2024-12916 | cve | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agito Computer Life4All allows SQL Injection.This issue affects L... |
| 8.3 | 2025-02-24 | CVE-2024-12917 | cve | Files or Directories Accessible to External Parties vulnerability in Agito Computer Health4All allows Exploiting Incorrectly Configured Access Control Security Levels, Authentic... |
| 8.8 | 2025-02-24 | CVE-2024-12918 | cve | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agito Computer Health4All allows SQL Injection.This issue affects... |
| N/A | 2025-02-24 | CVE-2025-23017 | cve | WorkOS Hosted AuthKit before 2025-01-07 allows a password authentication MFA bypass (by enrolling a new authentication factor) when the attacker knows the user's password. ... |
| N/A | 2025-02-24 | CVE-2025-26883 | cve | Missing Authorization vulnerability in bPlugins Animated Text Block allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Animated Text Blo... |
| Page(s) : 1 ... 902 903 904 905 906 907 908 909 910 911 [912] 913 914 915 916 917 918 919 920 921 922 ... | Result(s) : 300446 |
