| Page(s) : 1 ... 916 917 918 919 920 921 922 923 924 925 [926] 927 928 929 930 931 932 933 934 935 936 ... | Result(s) : 326241 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-02-25 | CVE-2025-26991 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ollybach WPPizza allows Reflected XSS. This issue affects WPPizza... |
| N/A | 2025-02-25 | CVE-2025-26993 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vito Peleg Atarim allows Reflected XSS. This issue affects Atarim... |
| N/A | 2025-02-25 | CVE-2025-26995 | cve | Missing Authorization vulnerability in Anton Vanyukov Market Exporter allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Market Exporter... |
| N/A | 2025-02-25 | CVE-2025-27000 | cve | Missing Authorization vulnerability in George Pattichis Simple Photo Feed allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple Phot... |
| 6.1 | 2025-02-25 | CVE-2024-11955 | cve | A vulnerability was found in GLPI up to 10.0.17. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php. The mani... |
| 6.5 | 2025-02-25 | CVE-2025-21626 | cve | GLPI is a free asset and IT management software package. Starting in version 0.71 and prior to version 10.0.18, an anonymous user can fetch sensitive information from the `statu... |
| 6.1 | 2025-02-25 | CVE-2025-21627 | cve | GLPI is a free asset and IT management software package. In versions prior to 10.0.18, a malicious link can be crafted to perform a reflected XSS attack on the search page. If t... |
| 4.3 | 2025-02-25 | CVE-2025-23024 | cve | GLPI is a free asset and IT management software package. Starting in version 0.72 and prior to version 10.0.18, an anonymous user can disable all the active plugins. Version 10.... |
| 7.8 | 2025-02-25 | CVE-2025-26594 | cve | A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal refere... |
| 7.8 | 2025-02-25 | CVE-2025-26595 | cve | A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers t... |
| 7.8 | 2025-02-25 | CVE-2025-26596 | cve | A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a he... |
| 7.8 | 2025-02-25 | CVE-2025-26597 | cve | A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions un... |
| 7.8 | 2025-02-25 | CVE-2025-26598 | cve | An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns the matching valu... |
| 7.8 | 2025-02-25 | CVE-2025-26599 | cve | An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, com... |
| 7.8 | 2025-02-25 | CVE-2025-26600 | cve | A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying... |
| 7.8 | 2025-02-25 | CVE-2025-26601 | cve | A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as re... |
| 7.3 | 2025-02-25 | CVE-2025-1067 | cve | There is an untrusted search path vulnerability in Esri ArcGIS Pro 3.3 and 3.4 that may allow a low privileged attacker with write privileges to the local file system to introdu... |
| 7.3 | 2025-02-25 | CVE-2025-1068 | cve | There is an untrusted search path vulnerability in Esri ArcGIS AllSource 1.2 and 1.3 that may allow a low privileged attacker with write privileges to the local file system to i... |
| N/A | 2025-02-25 | CVE-2025-1204 | cve | The "update" binary in the firmware of the affected product sends attempts to mount to a hard-coded, routable IP address, bypassing existing device network settings to do so. Th... |
| 8.8 | 2025-02-25 | CVE-2024-12368 | cve | Improper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0 allows an internal user to export the OAuth tokens of other users. |
| Page(s) : 1 ... 916 917 918 919 920 921 922 923 924 925 [926] 927 928 929 930 931 932 933 934 935 936 ... | Result(s) : 326241 |
