NA - CVE-2023-38036 - A security vulnerability within Ivanti...
A security vulnerability within Ivanti Avalanche Manager before version 6.4.1 may allow an unauthenticated attacker to create a buffer overflow that could result in service disruption or arbitrary...
NA - CVE-2023-39338 - Enables an authenticated user (enrolled device)...
Enables an authenticated user (enrolled device) to access a service protected by Sentry even if they are not authorized according to the sentry policy to access that service. It does not enable the...
NA - CVE-2023-39339 - A vulnerability exists on all versions of...
A vulnerability exists on all versions of Ivanti Policy Secure below 22.6R1 where an authenticated administrator can perform an arbitrary file read via a maliciously crafted web request.
NA - CVE-2024-38648 - A hardcoded secret in Ivanti DSM before 2024.2...
A hardcoded secret in Ivanti DSM before 2024.2 allows an authenticated attacker on an adjacent network to decrypt sensitive data including user credentials.
NA - CVE-2025-24294 - The attack vector is a potential Denial of...
The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can...
High - CVE-2025-6057 - The WPBookit plugin for WordPress is vulnerable...
The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handle_image_upload() function in all versions up to, and including, 1.0.4. This...
Critical - CVE-2025-6058 - The WPBookit plugin for WordPress is vulnerable...
The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the image_upload_handle() function hooked via the 'add_booking_type' route...
High - CVE-2025-7461 - A vulnerability was found in code-projects...
A vulnerability was found in code-projects Modern Bag 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /action.php. The manipulation of the argument...
High - CVE-2025-1313 - The Nokri - Job Board WordPress Theme theme for...
The Nokri - Job Board WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.6.3. This is due to the plugin not...
Medium - CVE-2025-7462 - A vulnerability was found in Artifex GhostPDL...
A vulnerability was found in Artifex GhostPDL up to 3989415a5b8e99b9d1b87cc9902bde9b7cdea145. It has been classified as problematic. This affects the function pdf_ferror of the file...