2.3

CVSS4.0

CVE-2024-36469 - User enumeration via timing attack in Zabbix web interface

Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one.

πŸ“… Published: April 2, 2025, 6:11 a.m. πŸ”„ Last Modified: Nov. 3, 2025, 8:16 p.m.

8.6

CVSS4.0

CVE-2024-36465 - SQL injection in Zabbix API

A low privilege (regular) Zabbix user with API access can use SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL commands via the groupBy parameter.

πŸ“… Published: April 2, 2025, 6:11 a.m. πŸ”„ Last Modified: Oct. 8, 2025, 3:31 p.m.

5.9

CVSS3.0

CVE-2025-27244 -

AssetView and AssetView CLOUD contain an issue with acquiring sensitive information from sent data to the developer. If exploited, sensitive information may be obtained by a remote unauthenticated attacker.

πŸ“… Published: April 2, 2025, 3:21 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.2

CVSS3.0

CVE-2025-25060 -

Missing authentication for critical function vulnerability exists in AssetView and AssetView CLOUD. If exploited, the files on the server where the product is running may be obtained and/or deleted by a remote unauthenticated attacker.

πŸ“… Published: April 2, 2025, 3:20 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.5

CVSS3.1

CVE-2025-2779 - Insert Headers and Footers Code – HT Script <= 1.1.2 - Missing Authorization to Authenticated (Subs…

The Insert Headers and Footers Code – HT Script plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_dismiss function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with Subscriber-lev…

πŸ“… Published: April 2, 2025, 1:44 a.m. πŸ”„ Last Modified: April 22, 2026, 1:45 a.m.

5.4

CVSS3.1

CVE-2025-3074 -

Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

πŸ“… Published: April 2, 2025, 12:42 a.m. πŸ”„ Last Modified: April 21, 2025, 8:49 p.m.

5.4

CVSS3.1

CVE-2025-3073 -

Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

πŸ“… Published: April 2, 2025, 12:42 a.m. πŸ”„ Last Modified: April 21, 2025, 8:49 p.m.

5.4

CVSS3.1

CVE-2025-3072 -

Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

πŸ“… Published: April 2, 2025, 12:42 a.m. πŸ”„ Last Modified: April 21, 2025, 8:48 p.m.

5.4

CVSS3.1

CVE-2025-3071 -

Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)

πŸ“… Published: April 2, 2025, 12:42 a.m. πŸ”„ Last Modified: April 21, 2025, 8:48 p.m.

6.5

CVSS3.1

CVE-2025-3070 -

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

πŸ“… Published: April 2, 2025, 12:42 a.m. πŸ”„ Last Modified: April 7, 2025, 1:28 p.m.
Total resulsts: 346533
Page 5788 of 34,654
Β« previous page Β» next page
Filters