| Page(s) : 1 ... 924 925 926 927 928 929 930 931 932 933 [934] 935 936 937 938 939 940 941 942 943 944 ... | Result(s) : 326353 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-02-24 | CVE-2024-57685 | cve | An issue in sparkshop v.1.1.7 and before allows a remote attacker to execute arbitrary code via a crafted phar file. |
| N/A | 2025-02-24 | CVE-2025-22974 | cve | SQL Injection vulnerability in SeaCMS v.13.2 and before allows a remote attacker to execute arbitrary code via the DoTranExecSql parameter in the phome.php component. |
| 6.1 | 2025-02-24 | CVE-2025-27143 | cve | Better Auth is an authentication and authorization library for TypeScript. Prior to version 1.1.21, the application is vulnerable to an open redirect due to improper validation ... |
| N/A | 2025-02-24 | CVE-2025-27144 | cve | Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (J... |
| 6.5 | 2025-02-24 | CVE-2025-27112 | cve | Navidrome is an open source web-based music collection server and streamer. Starting in version 0.52.0 and prior to version 0.54.5, in certain Subsonic API endpoints, a flaw in ... |
| 8.8 | 2025-02-24 | CVE-2025-27133 | cve | WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was discovered in the WeGIA application prior to version 3.2.15 at the `adicionar_tipo_exame.ph... |
| N/A | 2025-02-24 | CVE-2025-27364 | cve | In MITRE Caldera through 4.2.0 and 5.0.0 before 35bc06e, a Remote Code Execution (RCE) vulnerability was found in the dynamic agent (implant) compilation functionality of the se... |
| N/A | 2025-02-24 | CVE-2025-26525 | cve | Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available (such as those with TeX Live installed). |
| N/A | 2025-02-24 | CVE-2025-26526 | cve | Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses in Feedback activities. |
| N/A | 2025-02-24 | CVE-2025-26527 | cve | Tags not expected to be visible to a user could still be discovered by them via the tag search page or in the tags block. |
| N/A | 2025-02-24 | CVE-2025-26528 | cve | The drag-and-drop onto image (ddimageortext) question type required additional sanitizing to prevent a stored XSS risk. |
| N/A | 2025-02-24 | CVE-2025-26529 | cve | Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk. |
| N/A | 2025-02-24 | CVE-2025-26530 | cve | The question bank filter required additional sanitizing to prevent a reflected XSS risk. |
| N/A | 2025-02-24 | CVE-2025-26531 | cve | Insufficient capability checks made it possible to disable badges a user does not have permission to access. |
| N/A | 2025-02-24 | CVE-2025-26532 | cve | Additional checks were required to ensure trusttext is applied (when enabled) to glossary entries being restored. |
| N/A | 2025-02-24 | CVE-2025-26533 | cve | An SQL injection risk was identified in the module list filter within course search. |
| N/A | 2025-02-24 | CVE-2025-27137 | cve | Dependency-Track is a component analysis platform that allows organizations to identify and reduce risk in the software supply chain. Dependency-Track allows users with the `SYS... |
| N/A | 2025-02-24 | CVE-2024-57608 | cve | An issue in Via Browser 6.1.0 allows a a remote attacker to execute arbitrary code via the mark.via.Shell component. |
| 9.8 | 2025-02-24 | CVE-2025-25513 | cve | Seacms |
| 9.8 | 2025-02-24 | CVE-2025-27140 | cve | WeGIA is a Web manager for charitable institutions. An OS Command Injection vulnerability was discovered in versions prior to 3.2.15 of the WeGIA application, `importar_dump.php... |
| Page(s) : 1 ... 924 925 926 927 928 929 930 931 932 933 [934] 935 936 937 938 939 940 941 942 943 944 ... | Result(s) : 326353 |
