| Page(s) : 1 ... 913 914 915 916 917 918 919 920 921 922 [923] 924 925 926 927 928 929 930 931 932 933 ... | Result(s) : 300504 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-02-22 | CVE-2025-21704 | cve | In the Linux kernel, the following vulnerability has been resolved: usb: cdc-acm: Check control transfer buffer size before access If the first fragment is shorter than struct... |
| 5.3 | 2025-02-22 | CVE-2024-22341 | cve | IBM Watson Query on Cloud Pak for Data 4.0.0 through 4.0.9, 4.5.0 through 4.5.3, 4.6.0 through 4.6.6, 4.7.0 through 4.7.4, and 4.8.0 through 4.8.7 could allow unauthorized data ... |
| N/A | 2025-02-22 | CVE-2023-4261 | cve | Rejected reason: This CVE ID is Rejected because the issue was not a vulnerability. The data field reported is not attacker controlled. |
| 4.3 | 2025-02-22 | CVE-2024-13873 | cve | The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, ... |
| 7.2 | 2025-02-22 | CVE-2024-13899 | cve | The Mambo Importer plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0 via deserialization of untrusted input via the $data para... |
| 9.8 | 2025-02-22 | CVE-2025-1509 | cve | The The Show Me The Cookies plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0. This is due to the software allowing u... |
| 9.8 | 2025-02-22 | CVE-2025-1510 | cve | The The Custom Post Type Date Archives plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.7.1. This is due to the softwa... |
| 5.4 | 2025-02-22 | CVE-2024-12038 | cve | The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to Stored Cross-Site Sc... |
| 6.1 | 2025-02-22 | CVE-2024-12467 | cve | The Pago por Redsys plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'Ds_MerchantParameters' parameter in all versions up to, and including... |
| 7.5 | 2025-02-22 | CVE-2024-13474 | cve | The LTL Freight Quotes – Purolator Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropship_edit_id' and 'edit_id' parameters in all ver... |
| 5.3 | 2025-02-22 | CVE-2024-13798 | cve | The Post Grid and Gutenberg Blocks – ComboBlocks plugin for WordPress is vulnerable to unauthorized order creation in all versions up to, and including, 2.3.5. This is due to in... |
| 3.3 | 2025-02-22 | CVE-2024-45674 | cve | IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for Windows Login 1.0.1 through 1.0.10, and IBM Security Verify Gateway for Radius 1.... |
| N/A | 2025-02-21 | CVE-2020-19248 | cve | SQL Injection vulnerability in PbootCMS 1.4.1 in parsing if statements in templates, resulting in a malicious user's ability to contaminate template content by searching fo... |
| N/A | 2025-02-21 | CVE-2025-25604 | cve | Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the vif_disable function in mtkwifi.lua. |
| N/A | 2025-02-21 | CVE-2025-25605 | cve | Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the apcli_wps_gen_pincode function in mtkwifi.lua. |
| N/A | 2025-02-21 | CVE-2025-25767 | cve | A vertical privilege escalation vulnerability in the component /controller/UserController.java of MRCMS v3.1.2 allows attackers to arbitrarily delete users via a crafted request. |
| N/A | 2025-02-21 | CVE-2025-25768 | cve | MRCMS v3.1.2 was discovered to contain a server-side template injection (SSTI) vulnerability in the component \servlet\DispatcherServlet.java. This vulnerability allows attacker... |
| N/A | 2025-02-21 | CVE-2025-25769 | cve | Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /controller/UserController.java. |
| N/A | 2025-02-21 | CVE-2025-25770 | cve | Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /agency/AgencyUserController.java. |
| N/A | 2025-02-21 | CVE-2025-25772 | cve | A Cross-Site Request Forgery (CSRF) in the component /back/UserController.java of Jspxcms v9.0 to v9.5 allows attackers to arbitrarily add Administrator accounts via a crafted r... |
| Page(s) : 1 ... 913 914 915 916 917 918 919 920 921 922 [923] 924 925 926 927 928 929 930 931 932 933 ... | Result(s) : 300504 |
