Show filters
9,959 Total Results
Displaying 251-260 of 9,959
Sort by:
Attacker Value
Unknown

CVE-2025-24728

Disclosure Date: January 24, 2025 (last updated January 25, 2025)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yannick Lefebvre Bug Library allows Blind SQL Injection. This issue affects Bug Library: from n/a through 2.1.4.
0
0
Attacker Value
Unknown

CVE-2025-24591

Disclosure Date: January 24, 2025 (last updated January 25, 2025)
Missing Authorization vulnerability in NinjaTeam GDPR CCPA Compliance Support allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GDPR CCPA Compliance Support: from n/a through 2.7.1.
0
0
Attacker Value
Unknown

CVE-2024-55194

Disclosure Date: January 23, 2025 (last updated January 30, 2025)
OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component /OpenImageIO/fmath.h.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-55193

Disclosure Date: January 23, 2025 (last updated January 30, 2025)
OpenImageIO v3.1.0.0dev was discovered to contain a segmentation violation via the component /OpenImageIO/string_view.h.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-55192

Disclosure Date: January 23, 2025 (last updated January 30, 2025)
OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component OpenImageIO_v3_1_0::farmhash::inlined::Fetch64(char const*).
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2025-23545

Disclosure Date: January 23, 2025 (last updated January 24, 2025)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Navnish Bhardwaj WP Social Broadcast allows Reflected XSS. This issue affects WP Social Broadcast: from n/a through 1.0.0.
0
0
Attacker Value
Unknown

CVE-2025-23006

Disclosure Date: January 23, 2025 (last updated January 28, 2025)
Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2025-23500

Disclosure Date: January 22, 2025 (last updated January 23, 2025)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Faaiq Ahmed, Technial Architect,faaiqsj@gmail.com Simple Custom post type custom field allows Reflected XSS. This issue affects Simple Custom post type custom field: from n/a through 1.0.3.
0
0
Attacker Value
Unknown

CVE-2025-23461

Disclosure Date: January 21, 2025 (last updated January 22, 2025)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andrea Dotta, Jacopo Campani, di xkoll.com Social2Blog allows Reflected XSS. This issue affects Social2Blog: from n/a through 0.2.990.
0
0
Attacker Value
Unknown

CVE-2025-23454

Disclosure Date: January 21, 2025 (last updated January 22, 2025)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in flashmaniac Nature FlipBook allows Reflected XSS. This issue affects Nature FlipBook: from n/a through 1.7.
0
0
View More Topics  < Previous  Next >