Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

CVE güvenlik açıkları, KEV etiketleri, detay sayfaları ve kategori bazlı listeleme.
Toplam kayıt70,425
Sayfa3410 / 3522
FiltreYok
Medium CVSS: 5.1 Yayın: 2025-01-15 17:15:16

CVE-2024-52783

CWE-276
Insecure permissions in the XNetSocketClient component of XINJE XDPPro.exe v3.2.2 to v3.7.17c allows attackers to execute arbitrary code via modification of the configuration file.
High CVSS: 7.5 Yayın: 2025-01-15 17:15:16

CVE-2024-50954

CWE-703
The XINJE XL5E-16T and XD5E-24R-E programmable logic controllers V3.5.3b-V3.7.2a have a vulnerability in handling Modbus messages. When a TCP connection is established with the above series of controllers within a local area network (LAN), sending a…
High CVSS: 7.5 Yayın: 2025-01-15 17:15:16

CVE-2024-50953

CWE-400
An issue in XINJE XL5E-16T V3.7.2a allows attackers to cause a Denial of Service (DoS) via a crafted Modbus message.
High CVSS: 8.8 Yayın: 2025-01-15 17:15:09

CVE-2020-8094

Bitdefender Antivirus 2020 CWE-426
An untrusted search path vulnerability in testinitsigs.exe as used in Bitdefender Antivirus Free 2020 allows a low-privilege attacker to execute code as SYSTEM via a specially crafted DLL file.
Critical CVSS: 9.8 Yayın: 2025-01-15 16:15:42

CVE-2025-22968

Dlink Dwr-m972v Firmware CWE-94
An issue in D-Link DWR-M972V 1.05SSG allows a remote attacker to execute arbitrary code via SSH using root account without restrictions
Unknown CVSS: - Yayın: 2025-01-15 16:15:42

CVE-2025-22799

CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in vertim Neon Product Designer neon-product-designer-for-woocommerce allows SQL Injection.This issue affects Neon Product Designer: from n/a through
Unknown CVSS: - Yayın: 2025-01-15 16:15:42

CVE-2025-22798

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CHR Designer Responsive jQuery Slider responsive-jquery-slider allows Stored XSS.This issue affects Responsive jQuery Slider: from n/a through
Unknown CVSS: - Yayın: 2025-01-15 16:15:42

CVE-2025-22797

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oğulcan Özügenç Gallery and Lightbox gallery-and-lightbox allows Stored XSS.This issue affects Gallery and Lightbox: from n/a through
Unknown CVSS: - Yayın: 2025-01-15 16:15:42

CVE-2025-22795

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in digitaldonkey Multilang Contact Form multilang-contact-form allows Reflected XSS.This issue affects Multilang Contact Form: from n/a through
Unknown CVSS: - Yayın: 2025-01-15 16:15:41

CVE-2025-22793

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bold Bold pagos en linea bold-pagos-en-linea allows DOM-Based XSS.This issue affects Bold pagos en linea: from n/a through
Unknown CVSS: - Yayın: 2025-01-15 16:15:41

CVE-2025-22788

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codexpert, Inc CoDesigner woolementor allows Stored XSS.This issue affects CoDesigner: from n/a through
High CVSS: 8.8 Yayın: 2025-01-15 16:15:41

CVE-2025-22787

Bplugins Button Block CWE-862
Missing Authorization vulnerability in bPlugins Button Block button-block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Button Block: from n/a through
High CVSS: 8.8 Yayın: 2025-01-15 16:15:41

CVE-2025-22786

Elementinvader Elementinvader Addons For Elementor CWE-35
Path Traversal: '.../...//' vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows PHP Local File Inclusion.This issue affects ElementInvader Addons for Elementor: from n/a through
Unknown CVSS: - Yayın: 2025-01-15 16:15:41

CVE-2025-22785

CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ComMotion Course Booking System course-booking-system allows SQL Injection.This issue affects Course Booking System: from n/a through
Unknown CVSS: - Yayın: 2025-01-15 16:15:41

CVE-2025-22784

CWE-352
Cross-Site Request Forgery (CSRF) vulnerability in swedish boy Background Control background-control allows Path Traversal.This issue affects Background Control: from n/a through
Unknown CVSS: - Yayın: 2025-01-15 16:15:40

CVE-2025-22782

CWE-434
Unrestricted Upload of File with Dangerous Type vulnerability in Web Ready Now WR Price List Manager For Woocommerce wr-price-list-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects WR Price List Manager For Woocommerce: fro…
Unknown CVSS: - Yayın: 2025-01-15 16:15:40

CVE-2025-22781

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nativery Nativery nativery allows DOM-Based XSS.This issue affects Nativery: from n/a through
Unknown CVSS: - Yayın: 2025-01-15 16:15:40

CVE-2025-22780

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andrey wp-pano wp-pano allows Stored XSS.This issue affects wp-pano: from n/a through
Unknown CVSS: - Yayın: 2025-01-15 16:15:40

CVE-2025-22779

CWE-862
Missing Authorization vulnerability in codeaffairs WP News Sliders wp-news-sliders allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP News Sliders: from n/a through
Unknown CVSS: - Yayın: 2025-01-15 16:15:40

CVE-2025-22778

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in damniel Lijit Search wp-lijit-wijit allows Reflected XSS.This issue affects Lijit Search: from n/a through