9.8

CVSS3.1

CVE-2024-11285 - WP JobHunt <= 7.1 - Unauthenticated Privilege Escalation via Email Update/Account Takeover

The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 7.1. This is due to the plugin not properly validating a user's identity prior to updating their details like email via the account_settings_callback() function. This…

πŸ“… Published: March 14, 2025, 4:22 a.m. πŸ”„ Last Modified: March 14, 2025, 3:15 p.m.

5.5

CVSS3.1

CVE-2023-52927 - netfilter: allow exp not to be removed in nf_ct_find_expectation

In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in some scenario, we expect the exp not to be removed…

πŸ“… Published: March 14, 2025, midnight πŸ”„ Last Modified: March 14, 2025, 3:15 p.m.

7.8

CVSS3.1

CVE-2025-24855 - libxslt: Use-After-Free in libxslt numbers.c

numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.

πŸ“… Published: March 14, 2025, midnight πŸ”„ Last Modified: March 14, 2025, 7:01 p.m.

0.0

CVE-2025-26163 -

CM Soluces Informatica Ltda Auto Atendimento 1.x.x was discovered to contain a SQL injection via the CPF parameter.

πŸ“… Published: March 14, 2025, midnight πŸ”„ Last Modified: March 14, 2025, 3:15 a.m.

0.0

CVE-2025-30022 -

CM Soluces Informatica Ltda Auto Atendimento 1.x.x was discovered to contain a SQL injection via the DATANASC parameter.

πŸ“… Published: March 14, 2025, midnight πŸ”„ Last Modified: March 14, 2025, 3:15 a.m.

0.0

CVE-2025-29029 -

Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formSetSpeedWan function.

πŸ“… Published: March 14, 2025, midnight πŸ”„ Last Modified: March 14, 2025, 2:15 p.m.

0.0

CVE-2025-29030 -

Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function.

πŸ“… Published: March 14, 2025, midnight πŸ”„ Last Modified: March 14, 2025, 2:15 p.m.

0.0

CVE-2025-29031 -

Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function.

πŸ“… Published: March 14, 2025, midnight πŸ”„ Last Modified: March 14, 2025, 2:15 p.m.

0.0

CVE-2025-29032 -

Tenda AC9 v15.03.05.19(6318) was discovered to contain a buffer overflow via the formWifiWpsOOB function.

πŸ“… Published: March 14, 2025, midnight πŸ”„ Last Modified: March 14, 2025, 2:15 p.m.

0.0

CVE-2025-25872 -

An issue in Open Panel v.0.3.4 allows a remote attacker to escalate privileges via the Fix Permissions function

πŸ“… Published: March 14, 2025, midnight πŸ”„ Last Modified: March 14, 2025, 4:15 p.m.
Total resulsts: 285408
Page 18 of 28,541
Β« previous page Β» next page
Filters