Search Results (366583 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-25620 2 Helm, Redhat 4 Helm, Acm, Openshift and 1 more 2025-01-09 6.4 Medium
Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the `Chart.yaml` file includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name. This issue has been resolved in Helm v3.14.1. Users unable to upgrade should check all charts used by Helm for path changes in their name as found in the `Chart.yaml` file. This includes dependencies.
CVE-2024-11096 1 Code-projects 1 Task Manager 2025-01-09 6.3 Medium
A vulnerability, which was classified as critical, was found in code-projects Task Manager 1.0. This affects an unknown part of the file /newProject.php. The manipulation of the argument projectName leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-11077 2 Anisha, Code-projects 2 Job Recruitment, Job Recruitment 2025-01-09 7.3 High
A vulnerability, which was classified as critical, was found in code-projects Job Recruitment 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-11076 1 Anisha 1 Job Recruitment 2025-01-09 6.3 Medium
A vulnerability, which was classified as critical, has been found in code-projects Job Recruitment 1.0. This issue affects some unknown processing of the file /activation.php. The manipulation of the argument e_hash leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2023-25912 1 Danfoss 2 Ak-em100, Ak-em100 Firmware 2025-01-09 5.3 Medium
The webreport generation feature in the Danfoss AK-EM100 allows an unauthorized actor to generate a web report that discloses sensitive information such as the internal IP address, usernames and internal device values.
CVE-2023-22584 1 Danfoss 2 Ak-em100, Ak-em100 Firmware 2025-01-09 7.5 High
The Danfoss AK-EM100 stores login credentials in cleartext.
CVE-2023-22585 1 Danfoss 2 Ak-em100, Ak-em100 Firmware 2025-01-09 9 Critical
The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting in the title parameter.
CVE-2023-22583 1 Danfoss 2 Ak-em100, Ak-em100 Firmware 2025-01-09 10 Critical
The Danfoss AK-EM100 web forms allow for SQL injection in the login forms.
CVE-2023-22586 1 Danfoss 2 Ak-em100, Ak-em100 Firmware 2025-01-09 7.7 High
The Danfoss AK-EM100 web applications allow for Local File Inclusion in the file parameter.
CVE-2023-22582 1 Danfoss 2 Ak-em100, Ak-em100 Firmware 2025-01-09 9 Critical
The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting.
CVE-2023-25913 1 Danfoss 2 Ak-sm 800a, Ak-sm 800a Firmware 2025-01-09 7.5 High
Because of an authentication flaw an attacker would be capable of generating a web report that discloses sensitive information such as internal IP addresses, usernames, store names and other sensitive information.
CVE-2024-5610 2025-01-08 N/A
loading template...
CVE-2023-34258 1 Bmc 1 Patrol 2025-01-08 7.5 High
An issue was discovered in BMC Patrol before 22.1.00. The agent's configuration can be remotely queried. This configuration contains the Patrol account password, encrypted with a default AES key. This account can then be used to achieve remote code execution.
CVE-2023-29551 1 Mozilla 2 Firefox, Focus 2025-01-08 8.8 High
Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.
CVE-2023-23824 1 Wp Topbar Project 1 Wp Topbar 2025-01-08 6.7 Medium
Auth. SQL Injection (SQLi) vulnerability in WP-TopBar <= 5.36 versions.
CVE-2022-47615 1 Thimpress 1 Learnpress 2025-01-08 9.3 Critical
Local File Inclusion vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions.
CVE-2022-45808 1 Thimpress 1 Learnpress 2025-01-08 9.9 Critical
SQL Injection vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions.
CVE-2022-47167 1 Crayon Syntax Highlighter Project 1 Crayon Syntax Highlighter 2025-01-08 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Aram Kocharyan Crayon Syntax Highlighter plugin <= 2.8.4 versions.
CVE-2022-45376 1 Xootix 1 Side Cart Woocommerce 2025-01-08 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in XootiX Side Cart Woocommerce (Ajax) < 2.1 versions.
CVE-2022-45076 1 Webmat 1 Flexible Elementor Panel 2025-01-08 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WebMat Flexible Elementor Panel plugin <= 2.3.8 versions.