Alerts

Insecure permissions in Splashin iOS v2.0 allow unauthorized attackers to access location data for specific users.

Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network.

Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.

Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.

Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.

StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF).

agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to contain an XML External Entity (XXE) via the RSSReader endpoint. This vulnerability allows attackers to access sensitive...

Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network.

Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js. This issue affects...

A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as critical. This issue affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the...