Magánszemélyeknek

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

A vulnerability was found in OpenXE up to 1.12. It has been declared as problematic. This vulnerability affects unknown code of the component Ticket Bearbeiten Page. The manipulation of the...

A vulnerability was found in dayrui XunRuiCMS up to 4.6.3. It has been rated as problematic. This issue affects some unknown processing of the component Friendly Links Handler. The manipulation of...

A vulnerability classified as critical has been found in ftcms 2.1. Affected is an unknown function of the file /admin/index.php/web/ajax_all_lists of the component Search. The manipulation of the...

Date: March 11, 2025 Revision Date Changes 1.0 March 11, 2025 Initial release The CVE-ID tracking this issue: CVE-2024-9448 CVSSv3.1 Base Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) Common Weakness Enumeration: CWE-284 Improper Access...

operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation (genuineness check) that causes verification results to be...

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including,...

The Years Since – Timeless Texts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'years-since' shortcode in all versions up to, and including,...

The Wishlist for WooCommerce: Multi Wishlists Per Customer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.7. This is due to missing or...