Medium
CVSS: 6.4
Yayın: 2025-01-23 03:15:08
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leadin…
Medium
CVSS: 4.6
Yayın: 2025-01-23 03:15:08
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cr…
Low
CVSS: 2.5
Yayın: 2025-01-23 02:15:35
BigFix Patch Download Plug-ins are affected by an arbitrary file download vulnerability. It could allow a malicious operator to download files from arbitrary URLs without any proper validation or allowlist controls.
Medium
CVSS: 6.5
Yayın: 2025-01-23 01:15:27
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component gray_record_cell.
Medium
CVSS: 6.5
Yayın: 2025-01-23 01:15:27
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component composition_source_over.
High
CVSS: 7.5
Yayın: 2025-01-23 01:15:27
lunasvg v3.0.0 was discovered to contain a allocation-size-too-big bug via the component plutovg_surface_create.
Medium
CVSS: 6.5
Yayın: 2025-01-23 01:15:26
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component plutovg_path_add_path.
Medium
CVSS: 6.5
Yayın: 2025-01-23 01:15:26
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component plutovg_blend.
Medium
CVSS: 6.5
Yayın: 2025-01-23 01:15:26
lunasvg v3.0.0 was discovered to contain a segmentation violation via the component blend_transformed_tiled_argb.isra.0.
Low
CVSS: 2.5
Yayın: 2025-01-23 01:15:26
BigFix Patch Download Plug-ins are affected by Server-Side Request Forgery (SSRF) vulnerability. It may allow the application to download files from an internally hosted server on localhost.
Medium
CVSS: 6.4
Yayın: 2025-01-22 22:15:08
The Avada Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.11.11 due to insufficient input sanitization and output escaping on user supplied attributes. This…
High
CVSS: 7.3
Yayın: 2025-01-22 21:15:09
A Cross Site Request Forgery (CSRF) vulnerability in Code Astro Internet banking system 2.0.0 allows remote attackers to execute arbitrary JavaScript on the admin page (pages_account), potentially leading to unauthorized actions such as changing acco…
Medium
CVSS: 5.4
Yayın: 2025-01-22 21:15:09
Stored Cross-Site Scripting (XSS) Vulnerability in the Categorization Option of My Subscriptions Functionality in Silverpeas Core 6.3.1
High
CVSS: 7.5
Yayın: 2025-01-22 20:15:30
Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
High
CVSS: 8.2
Yayın: 2025-01-22 20:15:30
Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Medium
CVSS: 5.7
Yayın: 2025-01-22 20:15:30
D-Link DSL-3782 v1.01 is vulnerable to Buffer Overflow in /New_GUI/ParentalControl.asp.
Medium
CVSS: 6.0
Yayın: 2025-01-22 19:15:10
By utilizing software-defined radios and a custom low-latency processing pipeline, RF signals with spoofed location data can be transmitted to aircraft targets. This can lead to the appearance of fake aircraft on displays and potentially trigger unde…
High
CVSS: 7.1
Yayın: 2025-01-22 19:15:09
For TCAS II systems using transponders compliant with MOPS earlier than RTCA DO-181F, an attacker can impersonate a ground station and issue a Comm-A Identity Request. This action can set the Sensitivity Level Control (SLC) to the lowest setting and…
Medium
CVSS: 6.5
Yayın: 2025-01-22 18:15:21
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An insecure default `Access-Control-Allow-Origin` header value could lead to sensitive data exposure for users of Cilium versions 1.14.0 through 1.14.7, 1.15.0…
Medium
CVSS: 6.1
Yayın: 2025-01-22 18:15:20
Improper Privilege Management vulnerability in Cloudflare WARP on Windows allows File Manipulation.
User with a low system privileges can create a set of symlinks inside the C:\ProgramData\Cloudflare\warp-diag-partials folder. After triggering the…