cvefeed.io

CVE-2024-25019 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-25019

feedly.com

CVE-2024-25019 - IBM Cognos Controller 11.0.0 and 11.0.1 could beLatest Vulnerabilities / 14mo CVE ID : CVE-2024-25019 Published : Dec. 3, 2024, 5:15 p.m. 2 hours, 7 minutes ago Description : IBM Cognos Controller 11.0.0 and 11.0.1 could be vulnerable to malicious file upload by not validating the type of file uploaded to Journal entry attachments. Attackers can make use of this weakness and upload malicious executable files into the system that can be sent to victims for performing further attacks. Sever

https://cvefeed.io/vuln/detail/CVE-2024-25019?utm_source=feedly

DOFOLLOW

CVE-2025-32664 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2025-32664

feedly.com

CVE-2025-32664 - Nepali Date Utilities CSRF Stored XSSLatest Vulnerabilities / 10mo CVE ID : CVE-2025-32664 Published : April 9, 2025, 5:15 p.m. 1 hour, 37 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in ashokbasnet Nepali Date Utilities allows Stored XSS. This issue affects Nepali Date Utilities: from n/a through 1.0.13. Severity: 7.1

https://cvefeed.io/vuln/detail/CVE-2025-32664?utm_source=feedly

DOFOLLOW

CVE-2024-47934 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-47934

feedly.com

CVE-2024-47934 - TXOne Networks Portable Inspector TXOne Networks Portable Inspector Pro Edition Input Validation Denial of ServiceLatest Vulnerabilities / 13mo CVE ID : CVE-2024-47934 Published : Jan. 8, 2025, 3:15 a.m. 53 minutes ago Description : Improper Input Validation vulnerability in Management Program in TXOne Networks Portable Inspector and Portable Inspector Pro Edition allows remote attacker to crash management service. The Denial of Service situation can be resolved by restarting the manageme

https://cvefeed.io/vuln/detail/CVE-2024-47934?utm_source=feedly

DOFOLLOW

CVE-2024-12321 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-12321

feedly.com

CVE-2024-12321 - "WC Affiliate Reflected Cross-Site Scripting Vulnerability"Latest Vulnerabilities / 12mo CVE ID : CVE-2024-12321 Published : Jan. 27, 2025, 6:15 a.m. 5 hours, 37 minutes ago Description : The WC Affiliate WordPress plugin through 2.3.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. Severity: 0.0 NA Visit the link for more details,

https://cvefeed.io/vuln/detail/CVE-2024-12321?utm_source=feedly

DOFOLLOW

CVE-2024-4945 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-4945

feedly.com

CVE-2024-4945 - A vulnerability was found in SourceCodester Best CLatest Vulnerabilities / 21mo CVE ID : CVE-2024-4945 Published : May 16, 2024, 5:15 a.m. 20 minutes ago Description : A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file view_parcel.php. The manipulation of the argument id leads to unrestricted upload. It is possible to launch the attack remotely.

https://cvefeed.io/vuln/detail/CVE-2024-4945?utm_source=feedly

DOFOLLOW

CVE-2024-44313 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-44313

feedly.com

CVE-2024-44313 - TastyIgniter Unauthenticated Invoice Generation VulnerabilityLatest Vulnerabilities / 10mo CVE ID : CVE-2024-44313 Published : March 18, 2025, 3:15 p.m. 1 hour, 17 minutes ago Description : TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks. Severity: 0.0 NA Visit the link for more details, such as CVSS details, affected products

https://cvefeed.io/vuln/detail/CVE-2024-44313?utm_source=feedly

DOFOLLOW

CVE-2025-32787 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2025-32787

feedly.com

CVE-2025-32787 - SoftEtherVPN NULL Dereference VulnerabilityLatest Vulnerabilities / 9mo CVE ID : CVE-2025-32787 Published : April 16, 2025, 10:15 p.m. 21 minutes ago Description : SoftEtherVPN is a an open-source cross-platform multi-protocol VPN Program. Versions 5.02.5184 to 5.02.5187 are vulnerable to NULL dereference in `DeleteIPv6DefaultRouterInRA` called by `StorePacket`. Before dereferencing, `DeleteIPv6DefaultRouterInRA` does not account for `ParsePacket` returning NULL, resulting in the program

https://cvefeed.io/vuln/detail/CVE-2025-32787?utm_source=feedly

DOFOLLOW

CVE-2023-52290 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2023-52290

feedly.com

CVE-2023-52290 - Streampark-console SQL Injection VulnerabilityLatest Vulnerabilities / 19mo CVE ID : CVE-2023-52290 Published : July 16, 2024, 8:15 a.m. 20 minutes ago Description : In streampark-console the list pages(e.g: application pages), users can sort page by field. This sort field is sent from the front-end to the back-end, and the SQL query is generated using this field. However, because this sort field isn't validated, there is a risk of SQL injection vulnerability. The attacker must succe

https://cvefeed.io/vuln/detail/CVE-2023-52290?utm_source=feedly

DOFOLLOW

CVE-2025-25280 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2025-25280

feedly.com

CVE-2025-25280 - Century Systems Co., Ltd. FutureNet AS and FA Series Remote Reboot VulnerabilityLatest Vulnerabilities / 11mo CVE ID : CVE-2025-25280 Published : March 3, 2025, 9:15 a.m. 35 minutes ago Description : Buffer overflow vulnerability exists in FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine) provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may reboot the device by sending a specially crafted request

https://cvefeed.io/vuln/detail/CVE-2025-25280?utm_source=feedly

DOFOLLOW

CVE-2025-0529 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2025-0529

feedly.com

CVE-2025-0529 - Apache Train Ticket Reservation System Stack-Based Buffer OverflowLatest Vulnerabilities / 12mo CVE ID : CVE-2025-0529 Published : Jan. 17, 2025, 3:15 p.m. 49 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Train Ticket Reservation System 1.0. This affects an unknown part of the component Login Form. The manipulation of the argument username leads to stack-based buffer overflow. Attacking locally is a requirement.

https://cvefeed.io/vuln/detail/CVE-2025-0529?utm_source=feedly

DOFOLLOW

CVE-2024-51845 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-51845

feedly.com

CVE-2024-51845 - Richteam Share Buttons - SQL InjectionLatest Vulnerabilities / 15mo CVE ID : CVE-2024-51845 Published : Nov. 11, 2024, 6:15 a.m. 51 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Richteam Share Buttons – Social Media allows Blind SQL Injection.This issue affects Share Buttons – Social Media: from n/a through 1.0.2. Severity: 8.5

https://cvefeed.io/vuln/detail/CVE-2024-51845?utm_source=feedly

DOFOLLOW

CVE-2025-29993 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2025-29993

feedly.com

CVE-2025-29993 - PowerCMS HTTP Header Injection VulnerabilityLatest Vulnerabilities / 10mo CVE ID : CVE-2025-29993 Published : March 27, 2025, 10:15 a.m. 45 minutes ago Description : The affected versions of PowerCMS allow HTTP header injection. This vulnerability can be leveraged to direct the affected product to send email with a tampered URL, such as password reset mail. Severity: 5.3 MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

https://cvefeed.io/vuln/detail/CVE-2025-29993?utm_source=feedly

DOFOLLOW

CVE-2024-12598 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-12598

feedly.com

CVE-2024-12598 - MyBookProgress by Stormhill Media WordPress Stored Cross-Site Scripting (XSS)Latest Vulnerabilities / 12mo CVE ID : CVE-2024-12598 Published : Jan. 17, 2025, 7:15 a.m. 46 minutes ago Description : The MyBookProgress by Stormhill Media plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘book’ parameter in all versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Co

https://cvefeed.io/vuln/detail/CVE-2024-12598?utm_source=feedly

DOFOLLOW

CVE-2020-36991 Vulnerability Details, CVSS Score & Remediation

https://www.ctrlaltnod.com/cve/cve-2020-36991-sharemouse-unquoted-service-path-privilege-escalation-2

ctrlaltnod.com

CVE Feed - CVE-2020-36991

https://cvefeed.io/vuln/detail/CVE-2020-36991?ref=ctrlaltnod.com

DOFOLLOW

CVE-2024-54260 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-54260

feedly.com

CVE-2024-54260 - BlazeThemes News Kit Elementor Addons Cross-site ScriptingLatest Vulnerabilities / 14mo CVE ID : CVE-2024-54260 Published : Dec. 9, 2024, 1:15 p.m. 50 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlazeThemes News Kit Elementor Addons allows Stored XSS.This issue affects News Kit Elementor Addons: from n/a through 1.2.2. Severity: 6.5

https://cvefeed.io/vuln/detail/CVE-2024-54260?utm_source=feedly

DOFOLLOW

CVE-2024-12975 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-12975

feedly.com

CVE-2024-12975 - Cisco CPC Buffer Overread VulnerabilityLatest Vulnerabilities / 11mo CVE ID : CVE-2024-12975 Published : March 7, 2025, 5:15 p.m. 1 hour, 18 minutes ago Description : A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface. Severity: 0.0 NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

https://cvefeed.io/vuln/detail/CVE-2024-12975?utm_source=feedly

DOFOLLOW

CVE-2024-0912 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-0912

feedly.com

CVE-2024-0912 - Under certain circumstances the Microsoft® InterneLatest Vulnerabilities / 20mo CVE ID : CVE-2024-0912 Published : June 6, 2024, 12:15 a.m. 21 minutes ago Description : Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C•CURE 9000 or prior versions Severity: 0.0 NA Visit the link for more details, such as CVSS

https://cvefeed.io/vuln/detail/CVE-2024-0912?utm_source=feedly

DOFOLLOW

CVE-2024-12283 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-12283

feedly.com

CVE-2024-12283 - WordPress WP Pipes Reflected Cross-Site Scripting VulnerabilityLatest Vulnerabilities / 14mo CVE ID : CVE-2024-12283 Published : Dec. 11, 2024, 9:15 a.m. 51 minutes ago Description : The WP Pipes plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘x1’ parameter in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha

https://cvefeed.io/vuln/detail/CVE-2024-12283?utm_source=feedly

DOFOLLOW

CVE-2024-54928 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-54928

feedly.com

CVE-2024-54928 - Kashipara E-learning SQL InjectionLatest Vulnerabilities / 14mo CVE ID : CVE-2024-54928 Published : Dec. 9, 2024, 7:15 p.m. 19 minutes ago Description : kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_teacher.php, Severity: 0.0 NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

https://cvefeed.io/vuln/detail/CVE-2024-54928?utm_source=feedly

DOFOLLOW

CVE-2024-37728 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-37728

feedly.com

CVE-2024-37728 - OfficeWeb365 Arbitrary File Read VulnerabilityLatest Vulnerabilities / 17mo CVE ID : CVE-2024-37728 Published : Sept. 10, 2024, 2:15 p.m. 15 minutes ago Description : Arbitrary File Read vulnerability in Xi'an Daxi Information Technology Co., Ltd OfficeWeb365 v.7.18.23.0 and v8.6.1.0 allows a remote attacker to obtain sensitive information via the "Pic/Indexes" interface Severity: 0.0 NA Visit the link for more details, such as CVSS details, affected products, timeline, a

https://cvefeed.io/vuln/detail/CVE-2024-37728?utm_source=feedly

DOFOLLOW

CVE-2024-13724 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-13724

feedly.com

CVE-2024-13724 - WooCommerce Wallet Unauthenticated Access VulnerabilityLatest Vulnerabilities / 11mo CVE ID : CVE-2024-13724 Published : March 4, 2025, 9:15 a.m. 40 minutes ago Description : The Wallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet Restriction plugin for WordPress is vulnerable to unauthorized access to functionality in all versions up to, and including, 2.6.2. This makes it possible for unauthenticated attackers to increase their own wallet balance,

https://cvefeed.io/vuln/detail/CVE-2024-13724?utm_source=feedly

DOFOLLOW

CVE-2025-21595 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2025-21595

feedly.com

CVE-2025-21595 - Juniper Networks Junos OS and Junos OS Evolved EVPN-VXLAN ARP and NDP Packet Handling Denial of ServiceLatest Vulnerabilities / 10mo CVE ID : CVE-2025-21595 Published : April 9, 2025, 8:15 p.m. 25 minutes ago Description : A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause an FPC to crash, leading to Denial of Service (DoS). On all J

https://cvefeed.io/vuln/detail/CVE-2025-21595?utm_source=feedly

DOFOLLOW

CVE-2024-12415 - Exploits & Severity - Feedly

feedly.com

CVE-2024-12415 - "WordPress AI Infographic Maker Plugin Shortcode Execution Vulnerability"Latest Vulnerabilities / 12mo CVE ID : CVE-2024-12415 Published : Jan. 31, 2025, 11:15 a.m. 1 hour, 37 minutes ago Description : The The AI Infographic Maker plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.9.0. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode

DOFOLLOW

CVE-2023-52232 - Exploits & Severity - Feedly

feedly.com

CVE-2023-52232 - Missing Authorization vulnerability in Pluggabl LLLatest Vulnerabilities / 20mo CVE ID : CVE-2023-52232 Published : June 9, 2024, 9:15 a.m. 22 minutes ago Description : Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.2. Severity: 6.5 MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

DOFOLLOW

CVE-2025-22730 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2025-22730

feedly.com

CVE-2025-22730 - Ksher Unauthenticated Access Control BypassLatest Vulnerabilities / 12mo CVE ID : CVE-2025-22730 Published : Feb. 4, 2025, 3:15 p.m. 3 hours, 41 minutes ago Description : Missing Authorization vulnerability in Ksher Ksher allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ksher: from n/a through 1.1.2. Severity:

https://cvefeed.io/vuln/detail/CVE-2025-22730?utm_source=feedly

DOFOLLOW

CVE-2023-46400 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2023-46400

feedly.com

CVE-2023-46400 - KWHotel CSV Formula Injection Vulnerability in Add Guest FunctionLatest Vulnerabilities / 12mo CVE ID : CVE-2023-46400 Published : Jan. 23, 2025, 10:15 p.m. 48 minutes ago Description : KWHotel 0.47 is vulnerable to CSV Formula Injection in the add guest function. Severity: 0.0 NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

https://cvefeed.io/vuln/detail/CVE-2023-46400?utm_source=feedly

DOFOLLOW

CVE-2025-31537 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2025-31537

feedly.com

CVE-2025-31537 - Madfishdigital Bulk NoIndex & NoFollow Toolkit Cross-site ScriptingLatest Vulnerabilities / 10mo CVE ID : CVE-2025-31537 Published : April 1, 2025, 9:15 p.m. 37 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in madfishdigital Bulk NoIndex & NoFollow Toolkit allows Reflected XSS. This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through 2.16. Severity: 7.1

https://cvefeed.io/vuln/detail/CVE-2025-31537?utm_source=feedly

DOFOLLOW

CVE-2025-22756 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2025-22756

feedly.com

CVE-2025-22756 - CVE-2022-47947: Apache HTTP Server Command InjectionLatest Vulnerabilities / 8mo CVE ID : CVE-2025-22756 Published : May 14, 2025, 2:15 p.m. 2 hours, 42 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

https://cvefeed.io/vuln/detail/CVE-2025-22756?utm_source=feedly

DOFOLLOW

CVE-2024-51190 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-51190

feedly.com

CVE-2024-51190 - TRENDnet Web Router Cross-site Scripting (XSS) VulnerabilityLatest Vulnerabilities / 15mo CVE ID : CVE-2024-51190 Published : Nov. 11, 2024, 8:15 p.m. 54 minutes ago Description : TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the ptRule_ApplicationName_1.1.6.0.0 parameter on the /special_ap.htm page. Severity: 0.0 NA Visit the link for more details, such as CVSS details, affected products, timel

https://cvefeed.io/vuln/detail/CVE-2024-51190?utm_source=feedly

DOFOLLOW

CVE-2024-35689 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-35689

feedly.com

CVE-2024-35689 - Cross-Site Request Forgery (CSRF) vulnerability inLatest Vulnerabilities / 20mo CVE ID : CVE-2024-35689 Published : June 8, 2024, 3:15 p.m. 16 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in Analytify.This issue affects Analytify: from n/a through 5.2.3. Severity: 5.4 MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

https://cvefeed.io/vuln/detail/CVE-2024-35689?utm_source=feedly

DOFOLLOW

CVE-2025-0637 - Exploits & Severity - Feedly

feedly.com

CVE-2025-0637 - Beta10 Full Path Traversal Authorization Bypass VulnerabilityLatest High/Critical Vulnerabilitiy Feed / 12mo CVE ID : CVE-2025-0637 Published : Jan. 23, 2025, 4:15 p.m. 45 minutes ago Description : It has been found that the Beta10 software does not provide for proper authorisation control in multiple areas of the application. This deficiency could allow a malicious actor, without authentication, to access private areas and/or areas intended for other roles. The vulnerability has been iden

DOFOLLOW

CVE-2025-20895 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2025-20895

feedly.com

CVE-2025-20895 - Galaxy Store Authentication Bypass VulnerabilityLatest Vulnerabilities / 12mo CVE ID : CVE-2025-20895 Published : Feb. 4, 2025, 8:15 a.m. 4 hours, 34 minutes ago Description : Authentication Bypass Using an Alternate Path in Galaxy Store prior to version 4.5.87.6 allows physical attackers to install arbitrary applications to bypass restrictions of Setupwizard. Severity: 3.2 LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...

https://cvefeed.io/vuln/detail/CVE-2025-20895?utm_source=feedly

DOFOLLOW

CVE-2024-36568 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-36568

feedly.com

CVE-2024-36568 - Sourcecodester Gas Agency Management System v1.0 iLatest Vulnerabilities / 20mo CVE ID : CVE-2024-36568 Published : June 3, 2024, 2:15 p.m. 17 minutes ago Description : Sourcecodester Gas Agency Management System v1.0 is vulnerable to SQL Injection via /gasmark/editbrand.php?id=. Severity: 0.0 NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

https://cvefeed.io/vuln/detail/CVE-2024-36568?utm_source=feedly

DOFOLLOW

CVE-2023-3092

https://feedly.com/cve/CVE-2023-3092

feedly.com

CVE-2025-3673 - Apache HTTP Server Remote Code Execution VulnerabilityLatest Vulnerabilities / 9mo CVE ID : CVE-2025-3673 Published : April 23, 2025, 7:16 p.m. 6 hours, 20 minutes ago Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-3092.. Reason:

https://cvefeed.io/vuln/detail/CVE-2025-3673?utm_source=feedly

DOFOLLOW

CVE-2025-27016 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2025-27016

feedly.com

CVE-2025-27016 - Google Drive Plugin Cross-site Scripting (XSS)Latest Vulnerabilities / 11mo CVE ID : CVE-2025-27016 Published : Feb. 18, 2025, 8:15 p.m. 2 hours, 52 minutes ago Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in awsm.in Drivr Lite – Google Drive Plugin allows Stored XSS. This issue affects Drivr Lite – Google Drive Plugin: from n/a through 1.0.1. Severity:

https://cvefeed.io/vuln/detail/CVE-2025-27016?utm_source=feedly

DOFOLLOW

CVE-2024-49382 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-49382

feedly.com

CVE-2024-49382 - Acronis Cyber Protect Unrestricted IP Binding WeaknessLatest Vulnerabilities / 16mo CVE ID : CVE-2024-49382 Published : Oct. 15, 2024, 11:15 a.m. 15 minutes ago Description : Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690. Severity:

https://cvefeed.io/vuln/detail/CVE-2024-49382?utm_source=feedly

DOFOLLOW

CVE-2023-38395 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2023-38395

feedly.com

CVE-2023-38395 - Missing Authorization vulnerability in Afzal MultaLatest Vulnerabilities / 20mo CVE ID : CVE-2023-38395 Published : June 12, 2024, 10:15 a.m. 20 minutes ago Description : Missing Authorization vulnerability in Afzal Multani WP Clone Menu.This issue affects WP Clone Menu: from n/a through 1.0.1. Severity: 5.4 MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

https://cvefeed.io/vuln/detail/CVE-2023-38395?utm_source=feedly

DOFOLLOW

CVE-2025-4325 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2025-4325

feedly.com

CVE-2025-4325 - MRCMS Cross-Site Scripting VulnerabilityLatest Vulnerabilities / 9mo CVE ID : CVE-2025-4325 Published : May 6, 2025, 6:15 a.m. 32 minutes ago Description : A vulnerability has been found in MRCMS 3.1.2 and classified as problematic. This vulnerability affects unknown code of the file /admin/category/add.do of the component Category Management Page. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to th

https://cvefeed.io/vuln/detail/CVE-2025-4325?utm_source=feedly

DOFOLLOW

CVE-2024-8179 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-8179

feedly.com

CVE-2024-8179 - GitLab Cross-Site Scripting (XSS)Latest Vulnerabilities / 14mo CVE ID : CVE-2024-8179 Published : Dec. 12, 2024, 12:15 p.m. 19 minutes ago Description : An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. Improper output encoding could lead to XSS if CSP is not enabled. Severity: 5.4

https://cvefeed.io/vuln/detail/CVE-2024-8179?utm_source=feedly

DOFOLLOW

CVE-2024-57774 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-57774

feedly.com

CVE-2024-57774 - JFinalOA Cross-Site Scripting (XSS)Latest Vulnerabilities / 12mo CVE ID : CVE-2024-57774 Published : Jan. 16, 2025, 6:15 p.m. 49 minutes ago Description : A cross-site scripting (XSS) vulnerability in the getBusinessUploadListPage?busid interface of JFinalOA before v2025.01.01 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Severity: 0.0 NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

https://cvefeed.io/vuln/detail/CVE-2024-57774?utm_source=feedly

DOFOLLOW

CVE-2025-1228 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2025-1228

feedly.com

CVE-2025-1228 - Olajowon Loggrove Path Traversal VulnerabilityLatest Vulnerabilities / 12mo CVE ID : CVE-2025-1228 Published : Feb. 12, 2025, 10:15 p.m. 4 hours, 31 minutes ago Description : A vulnerability classified as problematic has been found in olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6. Affected is an unknown function of the file /read/?page=1&logfile=LOG_Monitor of the component Logfile Update Handler. The manipulation of the argument path leads to path traversal. It is p

https://cvefeed.io/vuln/detail/CVE-2025-1228?utm_source=feedly

DOFOLLOW

CVE-2024-51728 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-51728

feedly.com

CVE-2024-51728 - Cisco Information Disclosure VulnerabilityLatest Vulnerabilities / 13mo CVE ID : CVE-2024-51728 Published : Jan. 13, 2025, 10:15 a.m. 52 minutes ago Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none.

https://cvefeed.io/vuln/detail/CVE-2024-51728?utm_source=feedly

DOFOLLOW

Vulnerabilidad crítica en Progress LoadMaster – Telconet CSIRT

https://csirt.telconet.net/comunicacion/boletines-servicios/vulnerabilidad-critica-en-progress-loadmaster

csirt.telconet.net

https://cvefeed.io/vuln/detail/CVE-2024-7591

https://cvefeed.io/vuln/detail/CVE-2024-7591

DOFOLLOW

CVE-2025-24908 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2025-24908

feedly.com

CVE-2025-24908 - Hitachi Vantara Pentaho Path Traversal VulnerabilityLatest Vulnerabilities / 9mo CVE ID : CVE-2025-24908 Published : April 16, 2025, 11:15 p.m. 56 minutes ago Description : Overview The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory. (CWE-35) Description Hitachi Vantara Pentaho Dat

https://cvefeed.io/vuln/detail/CVE-2025-24908?utm_source=feedly

DOFOLLOW

CVE-2025-65890 Vulnerability Details, CVSS Score & Remediation

https://www.ctrlaltnod.com/cve/cve-2025-65890-oneflow-device-id-validation-flaw-causes-dos

ctrlaltnod.com

CVE-2025-65890 - OneFlow CUDA Synchronize Denial of Service Vulnerability

https://cvefeed.io/vuln/detail/CVE-2025-65890?ref=ctrlaltnod.com

DOFOLLOW

CVE-2025-0696 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2025-0696

feedly.com

CVE-2025-0696 - Cesanta Frozen NULL Pointer Dereference VulnerabilityLatest Vulnerabilities / 12mo CVE ID : CVE-2025-0696 Published : Jan. 27, 2025, 11:15 a.m. 3 hours, 33 minutes ago Description : A NULL Pointer Dereference vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input. Severity: 5.3 MEDIUM Visit the link for more details, such as CVSS details, affected products, timelin

https://cvefeed.io/vuln/detail/CVE-2025-0696?utm_source=feedly

DOFOLLOW

CVE-2024-49655 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-49655

feedly.com

(no anchor)

https://cvefeed.io/vuln/detail/CVE-2024-49655?utm_source=feedly

DOFOLLOW

CVE-2024-12222 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2024-12222

feedly.com

CVE-2024-12222 - Shipos for WooCommerce Cross-Site Scripting VulnerabilityLatest Vulnerabilities / 13mo CVE ID : CVE-2024-12222 Published : Jan. 9, 2025, 11:15 a.m. 54 minutes ago Description : The Deliver via Shipos for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘dvsfw_bulk_label_url’ parameter in all versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inj

https://cvefeed.io/vuln/detail/CVE-2024-12222?utm_source=feedly

DOFOLLOW

CVE-2025-29454 - Exploits & Severity - Feedly

https://feedly.com/cve/CVE-2025-29454

feedly.com

CVE-2025-29454 - Personal Management System File Upload Information Disclosure VulnerabilityLatest Vulnerabilities / 9mo CVE ID : CVE-2025-29454 Published : April 17, 2025, 9:15 p.m. 5 hours, 57 minutes ago Description : An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the Upload function. Severity: 0.0 NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

https://cvefeed.io/vuln/detail/CVE-2025-29454?utm_source=feedly

DOFOLLOW

MicroWorld eScan 2024 Update Server Breach: Supply Chain Attack

https://aviatrix.ai/threat-research-center/microworld-2024-update-server-supply-chain-breach

aviatrix.ai

https://cvefeed.io/vuln/detail/CVE-2024-13990

https://cvefeed.io/vuln/detail/CVE-2024-13990

DOFOLLOW