| Page(s) : 1 ... 958 959 960 961 962 963 964 965 966 967 [968] 969 970 971 972 973 974 975 976 977 978 ... | Result(s) : 300532 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-02-13 | CVE-2024-8266 | cve | An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project... |
| N/A | 2025-02-13 | CVE-2025-25286 | cve | Crayfish is a collection of Islandora 8 microservices, one of which, Homarus, provides FFmpeg as a microservice. Prior to Crayfish version 4.1.0, remote code execution may be po... |
| 5.4 | 2025-02-13 | CVE-2024-13644 | cve | The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's De Gallery widget in all versions up to, and including, 2.1.... |
| N/A | 2025-02-13 | CVE-2025-0896 | cve | Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote access is enabled. This could result in unauthorized access by an attacker. |
| N/A | 2025-02-13 | CVE-2025-1198 | cve | An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in Action... |
| 9.8 | 2025-02-13 | CVE-2024-10763 | cve | The Campress theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.35 via the 'campress_woocommerce_get_ajax_products' func... |
| 5.4 | 2025-02-13 | CVE-2024-13227 | cve | The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Rank Math API in all versions u... |
| 4.3 | 2025-02-13 | CVE-2024-13229 | cve | The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the update_metadat... |
| 9.8 | 2025-02-13 | CVE-2024-13770 | cve | The Puzzles | WP Magazine / Review with Store WordPress Theme + RTL theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.2.4 via des... |
| 5.4 | 2025-02-13 | CVE-2025-0837 | cve | The Puzzles theme for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 4.2.4 due to insufficient input sanitization and ou... |
| N/A | 2025-02-12 | CVE-2024-34520 | cve | An authorization bypass vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R_1_0_24_0, which allows an authenticated 'guest' u... |
| N/A | 2025-02-12 | CVE-2024-34521 | cve | A directory traversal vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R_1_0_24_0, which allows an administrative user to access syste... |
| N/A | 2025-02-12 | CVE-2024-51376 | cve | Directory Traversal vulnerability in yeqifu carRental v.1.0 allows a remote attacker to obtain sensitive information via the file/downloadFile.action?path= component. |
| N/A | 2025-02-12 | CVE-2025-0937 | cve | Nomad Community and Nomad Enterprise ("Nomad") event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces. |
| N/A | 2025-02-12 | CVE-2025-1146 | cve | CrowdStrike uses industry-standard TLS (transport layer security) to secure communications from the Falcon sensor to the CrowdStrike cloud. CrowdStrike has identified a validati... |
| N/A | 2025-02-12 | CVE-2025-1215 | cve | A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log... |
| 8.8 | 2025-02-12 | CVE-2025-1216 | cve | A vulnerability, which was classified as critical, has been found in ywoa up to 2024.07.03. This issue affects the function selectNoticeList of the file com/cloudweb/oa/mapper/x... |
| N/A | 2025-02-12 | CVE-2025-25201 | cve | Nitrokey 3 Firmware is the the firmware of Nitrokey 3 USB keys. For release 1.8.0, and test releases with PIV enabled prior to 1.8.0, the PIV application could accept invalid ke... |
| N/A | 2025-02-12 | CVE-2025-25205 | cve | Audiobookshelf is a self-hosted audiobook and podcast server. Starting in version 2.17.0 and prior to version 2.19.1, a flaw in the authentication bypass logic allows unauthenti... |
| N/A | 2025-02-12 | CVE-2025-25283 | cve | parse-duraton is software that allows users to convert a human readable duration to milliseconds. Versions prior to 2.1.3 are vulnerable to an event loop delay due to the CPU-bo... |
| Page(s) : 1 ... 958 959 960 961 962 963 964 965 966 967 [968] 969 970 971 972 973 974 975 976 977 978 ... | Result(s) : 300532 |
