37007 matches found
The vulnerability of the LockSmtpSettings method in the software for managing and monitoring remote devices in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the LockSmtpSettings method in the software for managing and monitoring remote devices in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the...
The vulnerability of the UpdateGeneralSettings method in the software for managing and monitoring removed objects in telemetry and telemechanics systems, allowing a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the UpdateGeneralSettings method in the software for managing and monitoring removed objects in telemetering and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromi...
The vulnerability of the GetGateways method in the software for managing and monitoring remote devices in telemetry and telemechanics systems allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the GetGateways method in the software for managing and monitoring remote devices in telemetering and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to compromise the...
CVE-2025-31324
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availabili...
CVE-2025-31324 Missing Authorization check in SAP NetWeaver (Visual Composer development server)
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availabili...
CVE-2025-46528
Cross-Site Request Forgery CSRF vulnerability in Steve Availability Calendar availability allows Stored XSS.This issue affects Availability Calendar: from n/a through = 0.2.4...
CVE-2025-46528
CVE-2025-46528 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress Availability Calendar plugin, which allows Stored XSS. Affected versions are Availability Calendar up to 0.2.4. The available connected sources confirm the CSRF vector and stored XSS potential but do not p...
CVE-2025-46528 WordPress Availability Calendar plugin <= 0.2.4 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Steve Availability Calendar availability allows Stored XSS.This issue affects Availability Calendar: from n/a through = 0.2.4...
CVE-2025-46528 WordPress Availability Calendar <= 0.2.4 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Steve Availability Calendar allows Stored XSS. This issue affects Availability Calendar: from n/a through 0.2.4...
CVE-2025-0639
An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...
CVE-2025-0639 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...
CVE-2025-0639 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...
CVE-2025-0639
CVE-2025-0639 affects GitLab CE/EE. The issue is described as impacting service availability via issue preview for all versions: 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1. The connected documents do not provide exploit details. Remediation is to upgrade to fixed releases:...
CVE-2025-0639
Removed by vendor...
CVE-2025-0639 Allocation of Resources Without Limits or Throttling in GitLab
An issue has been discovered affecting service availability via issue preview in GitLab CE/EE affecting all versions from 16.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1...
WordPress plugin Availability Calendar 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
GitLab Enterprise Edition(EE)和GitLab Community Edition(CE) 安全漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab Enterprise Edition EE and GitLab Community...
Amazon Linux AMI : runc (ALAS-2021-1556)
The version of runc installed on the remote host is prior to 1.0.0-0.1.20200204.gitdc9208a.1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1556 advisory. runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor...
CVE-2025-46399
A flaw was found in fig2dev. This vulnerability allows availability via local input manipulation via gengeitpspline function...
CVE-2025-46400
In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via readarcobject function...