5.1

CVSS4.0

CVE-2025-0464 - SourceCodester Task Reminder System Maintenance Section cross site scripting

A vulnerability was found in SourceCodester Task Reminder System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Maintenance Section. The manipulation of the argument System Name leads to cross site scripting. The attack can be l…

πŸ“… Published: Jan. 14, 2025, 5 p.m. πŸ”„ Last Modified: Feb. 11, 2025, 2:59 p.m.

5.3

CVSS4.0

CVE-2025-0463 - Shanghai Lingdang Information Technology Lingdang CRM index.php unrestricted upload

A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0. It has been classified as critical. Affected is an unknown function of the file /crm/weixinmp/index.php?userid=123&module=Users&usid=1&action=UsersAjax&minipro_const_type=1&related_module=Singin. The m…

πŸ“… Published: Jan. 14, 2025, 5 p.m. πŸ”„ Last Modified: Aug. 28, 2025, 10:57 a.m.

9.8

CVSS3.1

CVE-2024-10811 -

Absolute path traversal in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote unauthenticated attacker to leak sensitive information.

πŸ“… Published: Jan. 14, 2025, 4:59 p.m. πŸ”„ Last Modified: Feb. 26, 2026, 7:09 p.m.

6.1

CVSS3.1

CVE-2025-23081 - Various security vulnerabilities in Extension:DataTransfer

Cross-Site Request Forgery (CSRF), Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - DataTransfer Extension allows Cross Site Request Forgery, Cross-Site Scripting (XSS).This issue affects Mediawiki - DataTr…

πŸ“… Published: Jan. 14, 2025, 4:56 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.3

CVSS3.1

CVE-2024-13181 -

Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication. This CVE addresses incomplete fixes from CVE-2024-47010.

πŸ“… Published: Jan. 14, 2025, 4:53 p.m. πŸ”„ Last Modified: Jan. 16, 2025, 9:02 p.m.

7.5

CVSS3.1

CVE-2024-13180 -

Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to leak sensitive information. This CVE addresses incomplete fixes from CVE-2024-47011.

πŸ“… Published: Jan. 14, 2025, 4:52 p.m. πŸ”„ Last Modified: Jan. 16, 2025, 9:01 p.m.

7.3

CVSS3.1

CVE-2024-13179 -

Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication.

πŸ“… Published: Jan. 14, 2025, 4:51 p.m. πŸ”„ Last Modified: Jan. 16, 2025, 9:01 p.m.

6.2

CVSS3.1

CVE-2024-52898 - IBM MQ information disclosure

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a local user to obtain sensitive information when a detailed technical error message is returned.

πŸ“… Published: Jan. 14, 2025, 4:49 p.m. πŸ”„ Last Modified: July 3, 2025, 8:10 p.m.

7.8

CVSS3.1

CVE-2024-10630 -

A race condition in Ivanti Application Control Engine before version 10.14.4.0 allows a local authenticated attacker to bypass the application blocking functionality.

πŸ“… Published: Jan. 14, 2025, 4:49 p.m. πŸ”„ Last Modified: Feb. 26, 2026, 7:09 p.m.

5.3

CVSS3.1

CVE-2025-23080 - XSSes in Special:BadgeView

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - OpenBadges Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - OpenBadges Extension: from 1.39.X before 1.39.11, from 1.41.X before 1.…

πŸ“… Published: Jan. 14, 2025, 4:40 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 7138 of 34,919
Β« previous page Β» next page
Filters