CVEs and Security Vulnerabilities

Total 276812 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-13312			2025-01-09	N/A
Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 11.8.0 before 12.3.10, from 12.4.0 before 12.4.9.
CVE-2024-13311			2025-01-09	N/A
Vulnerability in Drupal Allow All File Extensions for file fields.This issue affects Allow All File Extensions for file fields: ..
CVE-2024-13310			2025-01-09	N/A
Vulnerability in Drupal Git Utilities for Drupal.This issue affects Git Utilities for Drupal: ..
CVE-2024-13309			2025-01-09	N/A
Improper Authentication vulnerability in Drupal Login Disable allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login Disable: from 2.0.0 before 2.1.1.
CVE-2024-13308			2025-01-09	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Browser Back Button allows Cross-Site Scripting (XSS).This issue affects Browser Back Button: from 1.0.0 before 2.0.2.
CVE-2024-13300			2025-01-09	N/A
Vulnerability in Drupal Print Anything.This issue affects Print Anything: ..
CVE-2024-13299			2025-01-09	N/A
Vulnerability in Drupal Megamenu Framework.This issue affects Megamenu Framework: ..
CVE-2024-13290			2025-01-09	N/A
Incorrect Authorization vulnerability in Drupal OhDear Integration allows Forceful Browsing.This issue affects OhDear Integration: from 0.0.0 before 2.0.4.
CVE-2024-13283			2025-01-09	6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Facets allows Cross-Site Scripting (XSS).This issue affects Facets: from 0.0.0 before 2.0.9.
CVE-2024-13273			2025-01-09	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Open Social allows Cross-Site Scripting (XSS).This issue affects Open Social: from 0.0.0 before 12.3.8, from 12.4.0 before 12.4.5, from 13.0.0 before 13.0.0-alpha11.
CVE-2024-13262			2025-01-09	4.8 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal View Password allows Cross-Site Scripting (XSS).This issue affects View Password: from 0.0.0 before 6.0.4.
CVE-2024-13252			2025-01-09	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal TacJS allows Cross-Site Scripting (XSS).This issue affects TacJS: from 0.0.0 before 6.5.0.
CVE-2024-13247			2025-01-09	4.8 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Coffee allows Cross-Site Scripting (XSS).This issue affects Coffee: from 0.0.0 before 1.4.0.
CVE-2024-13245			2025-01-09	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal CKEditor 4 LTS - WYSIWYG HTML editor allows Cross-Site Scripting (XSS).This issue affects CKEditor 4 LTS - WYSIWYG HTML editor: from 1.0.0 before 1.0.1.
CVE-2024-13238			2025-01-09	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Typogrify allows Cross-Site Scripting (XSS).This issue affects Typogrify: from 0.0.0 before 1.3.0.
CVE-2024-13237			2025-01-09	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal File Entity (fieldable files) allows Cross-Site Scripting (XSS).This issue affects File Entity (fieldable files): from 7.X-* before 7.X-2.38.
CVE-2024-12806			2025-01-09	7.5 High
A post-authentication absolute path traversal vulnerability in SonicOS management allows a remote attacker to read an arbitrary file.
CVE-2023-3006	2 Linux, Redhat	3 Linux Kernel, Rhel Eus, Rhev Hypervisor	2025-01-09	5.5 Medium
A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in the CPU Branch History Buffer, or BHB) to influence mispredicted branches within the victim's hardware context. Once that occurs, speculation caused by the mispredicted branches can cause cache allocation. This issue leads to obtaining information that should not be accessible.
CVE-2023-33487	1 Totolink	2 X5000r, X5000r Firmware	2025-01-09	9.8 Critical
TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contains a command insertion vulnerability in setDiagnosisCfg.This vulnerability allows an attacker to execute arbitrary commands through the "ip" parameter.
CVE-2023-30197	1 Webbax	1 Myinventory	2025-01-09	7.5 High
Incorrect Access Control in the module "My inventory" (myinventory) <= 1.6.6 from Webbax for PrestaShop, allows a guest to download personal information without restriction by performing a path traversal attack.

« first previous Page 41 of 13841. next last »