| Page(s) : 1 ... 944 945 946 947 948 949 950 951 952 953 [954] 955 956 957 958 959 960 961 962 963 964 ... | Result(s) : 326575 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.3 | 2025-02-22 | CVE-2024-13798 | cve | The Post Grid and Gutenberg Blocks – ComboBlocks plugin for WordPress is vulnerable to unauthorized order creation in all versions up to, and including, 2.3.5. This is due to in... |
| 3.3 | 2025-02-22 | CVE-2024-45674 | cve | IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for Windows Login 1.0.1 through 1.0.10, and IBM Security Verify Gateway for Radius 1.... |
| N/A | 2025-02-21 | CVE-2020-19248 | cve | SQL Injection vulnerability in PbootCMS 1.4.1 in parsing if statements in templates, resulting in a malicious user's ability to contaminate template content by searching fo... |
| N/A | 2025-02-21 | CVE-2025-25604 | cve | Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the vif_disable function in mtkwifi.lua. |
| N/A | 2025-02-21 | CVE-2025-25605 | cve | Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the apcli_wps_gen_pincode function in mtkwifi.lua. |
| N/A | 2025-02-21 | CVE-2025-25767 | cve | A vertical privilege escalation vulnerability in the component /controller/UserController.java of MRCMS v3.1.2 allows attackers to arbitrarily delete users via a crafted request. |
| N/A | 2025-02-21 | CVE-2025-25768 | cve | MRCMS v3.1.2 was discovered to contain a server-side template injection (SSTI) vulnerability in the component \servlet\DispatcherServlet.java. This vulnerability allows attacker... |
| N/A | 2025-02-21 | CVE-2025-25769 | cve | Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /controller/UserController.java. |
| N/A | 2025-02-21 | CVE-2025-25770 | cve | Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /agency/AgencyUserController.java. |
| N/A | 2025-02-21 | CVE-2025-25772 | cve | A Cross-Site Request Forgery (CSRF) in the component /back/UserController.java of Jspxcms v9.0 to v9.5 allows attackers to arbitrarily add Administrator accounts via a crafted r... |
| N/A | 2025-02-21 | CVE-2025-1555 | cve | A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. This vulnerability affects the function saveImage. The manipulation of the argu... |
| N/A | 2025-02-21 | CVE-2025-25282 | cve | RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine based on deep document understanding. An authenticated user can exploit the Insecure Direct Object Referenc... |
| N/A | 2025-02-21 | CVE-2019-8900 | cve | A vulnerability in the SecureROM of some Apple devices can be exploited by an unauthenticated local attacker to execute arbitrary code upon booting those devices. This vulnerabi... |
| N/A | 2025-02-21 | CVE-2025-26622 | cve | vyper is a Pythonic Smart Contract Language for the EVM. Vyper `sqrt()` builtin uses the babylonian method to calculate square roots of decimals. Unfortunately, improper handlin... |
| N/A | 2025-02-21 | CVE-2025-27104 | cve | vyper is a Pythonic Smart Contract Language for the EVM. Multiple evaluation of a single expression is possible in the iterator target of a for loop. While the iterator expressi... |
| N/A | 2025-02-21 | CVE-2025-27105 | cve | vyper is a Pythonic Smart Contract Language for the EVM. Vyper handles AugAssign statements by first caching the target location to avoid double evaluation. However, in the case... |
| N/A | 2025-02-21 | CVE-2025-27106 | cve | binance-trading-bot is an automated Binance trading bot with trailing buy/sell strategy. Authenticated users of binance-trading-bot can achieve Remote Code Execution on the host... |
| 6.1 | 2025-02-21 | CVE-2025-27108 | cve | dom-expressions is a Fine-Grained Runtime for Performant DOM Rendering. In affected versions the use of javascript's `.replace()` opens up to potential Cross-site Scripting... |
| N/A | 2025-02-21 | CVE-2025-27109 | cve | solid-js is a declarative, efficient, and flexible JavaScript library for building user interfaces. In affected versions Inserts/JSX expressions inside illegal inlined JSX fragm... |
| N/A | 2025-02-21 | CVE-2025-0838 | cve | There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve(), and rehash() methods of absl::{flat,node}hash{set,map} did not impose an upper b... |
| Page(s) : 1 ... 944 945 946 947 948 949 950 951 952 953 [954] 955 956 957 958 959 960 961 962 963 964 ... | Result(s) : 326575 |
