| Page(s) : 1 ... 935 936 937 938 939 940 941 942 943 944 [945] 946 947 948 949 950 951 952 953 954 955 ... | Result(s) : 300527 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-02-18 | CVE-2024-39328 | cve | Insecure Permissions in Atos Eviden IDRA and IDCA before 2.7.0. A highly trusted role (Config Admin) could exceed their configuration privileges in a multi-partition environment... |
| N/A | 2025-02-18 | CVE-2024-49589 | cve | Foundry Artifacts was found to be vulnerable to a Denial Of Service attack due to disk being potentially filled up based on an user supplied argument (size). |
| 3.8 | 2025-02-18 | CVE-2024-4028 | cve | A vulnerability was found in Keycloak. This issue may allow a privileged attacker to use a malicious payload as the permission while creating items (Resource and Permissions) fr... |
| N/A | 2025-02-18 | CVE-2024-50608 | cve | An issue was discovered in Fluent Bit 3.1.9. When the Prometheus Remote Write input plugin is running and listening on an IP address and port, one can send a packet with Content... |
| N/A | 2025-02-18 | CVE-2024-50609 | cve | An issue was discovered in Fluent Bit 3.1.9. When the OpenTelemetry input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0... |
| N/A | 2025-02-18 | CVE-2024-51505 | cve | An issue was discovered in Atos Eviden IDRA before 2.7.1. A highly trusted role (Config Admin) could leverage a race condition to escalate privileges. |
| N/A | 2025-02-18 | CVE-2024-56882 | cve | Sage DPW before 2024_12_000 is vulnerable to Cross Site Scripting (XSS). Low-privileged Sage users with employee role privileges can permanently store JavaScript code in the Kur... |
| N/A | 2025-02-18 | CVE-2024-56883 | cve | Sage DPW before 2024_12_001 is vulnerable to Incorrect Access Control. The implemented role-based access controls are not always enforced on the server side. Low-privileged Sage... |
| N/A | 2025-02-18 | CVE-2025-25300 | cve | smartbanner.js is a customizable smart app banner for iOS and Android. Prior to version 1.14.1, clicking on smartbanner `View` link and navigating to 3rd party page leaves `wind... |
| N/A | 2025-02-18 | CVE-2025-26058 | cve | Webkul QloApps v1.6.1 exposes authentication tokens in URLs during redirection. When users access the admin panel or other protected areas, the application appends sensitive aut... |
| N/A | 2025-02-18 | CVE-2025-26620 | cve | Duende.AccessTokenManagement is a set of .NET libraries that manage OAuth and OpenId Connect access tokens. Duende.AccessTokenManagement contains a race condition when requestin... |
| N/A | 2025-02-18 | CVE-2024-13636 | cve | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-24926. Reason: This candidate is a reservation duplicate of CVE-2024-24926. Notes: All CVE u... |
| 5.4 | 2025-02-18 | CVE-2024-13667 | cve | The Uncode theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mle-description’ parameter in all versions up to, and including, 2.9.1.6 due to insufficient... |
| 7.5 | 2025-02-18 | CVE-2024-13681 | cve | The Uncode theme for WordPress is vulnerable to arbitrary file read due to insufficient input validation in the 'uncode_admin_get_oembed' function in all versions up t... |
| 6.5 | 2025-02-18 | CVE-2024-13691 | cve | The Uncode theme for WordPress is vulnerable to arbitrary file read due to insufficient input validation in the 'uncode_recordMedia' function in all versions up to, an... |
| 4.3 | 2025-02-18 | CVE-2024-13783 | cve | The FormCraft plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in formcraft-main.php in all versions up to, and including, 3.9... |
| 9.8 | 2025-02-18 | CVE-2024-13797 | cve | The PressMart - Modern Elementor WooCommerce WordPress Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.2.16. Thi... |
| 6.1 | 2025-02-18 | CVE-2025-0521 | cve | The Post SMTP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the from and subject parameter in all versions up to, and including, 3.0.2 due to insufficien... |
| 6.1 | 2025-02-18 | CVE-2025-0817 | cve | The FormCraft plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.9.11 due to insufficient input sanit... |
| 5.7 | 2025-02-18 | CVE-2025-1035 | cve | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Komtera Technolgies KLog Server allows Manipulating Web Input to File S... |
| Page(s) : 1 ... 935 936 937 938 939 940 941 942 943 944 [945] 946 947 948 949 950 951 952 953 954 955 ... | Result(s) : 300527 |
