Riasztások

Honeywell OneWireless Wireless Device Manager (WDM) for the following versions R310.x, R320.x, R321.x, R322.1, R322.2, R323.x, R330.1 contains a command injection vulnerability. An attacker who...

Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2024....

Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10 are vulnerable to a deserialization vulnerability. This could allow an authenticated user to...

Tiny File Manager v2.4.7 and below was discovered to contain a Cross Site Scripting (XSS) vulnerability. This vulnerability allows attackers to execute arbitrary code via a crafted payload injected...

Tiny File Manager v2.4.7 and below is vulnerable to session fixation.

Kaspersky has fixed a security issue in Kaspersky Anti-Virus SDK for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Endpoint Security for Windows, Kaspersky Small Office...

In Newgensoft OmniDocs 11.0_SP1_03_006, Insecure Direct Object Reference (IDOR) in the getuserproperty function allows user's configuration and PII to be stolen.

A cross-site scripting (xss) vulnerability exists in the dataset upload functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to an arbitrary html code....

An information disclosure vulnerability exists in the Vault API functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to reading vaults that have been...

PHPJabbers Cinema Booking System v2.0 is vulnerable to reflected cross-site scripting (XSS). Multiple endpoints improperly handle user input, allowing malicious scripts to execute in a victim’s...