Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

CVE güvenlik açıkları, KEV etiketleri, detay sayfaları ve kategori bazlı listeleme.
Toplam kayıt70,179
Sayfa3424 / 3509
FiltreYok
High CVSS: 7.5 Yayın: 2025-01-14 14:15:28

CVE-2024-11864

Arm Scp Firmware CWE-755
Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and including 2.15.0 may lead to a Usage Fault and crash the SCP
Medium CVSS: 5.3 Yayın: 2025-01-14 14:15:27

CVE-2024-11863

Arm Scp Firmware CWE-755
Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and including 2.15.0 may lead to a Usage Fault and crash the SCP
High CVSS: 8.8 Yayın: 2025-01-14 14:15:27

CVE-2024-11497

CWE-732
An authenticated attacker can use this vulnerability to perform a privilege escalation to gain root access.
Medium CVSS: 5.0 Yayın: 2025-01-14 14:15:27

CVE-2023-46715

Fortinet Fortios CWE-346
An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send (but not receive) packets spoofing the…
Medium CVSS: 6.5 Yayın: 2025-01-14 14:15:27

CVE-2023-42786

Fortinet Fortios CWE-476
A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versions and 6.0 all versions allows attacker to trigger a denial of service via a crafted http request.
Medium CVSS: 6.5 Yayın: 2025-01-14 14:15:27

CVE-2023-42785

Fortinet Fortios CWE-476
A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions , 6.2 all versions and 6.0 all versions allows attacker to trigger a denial of service via a crafted http request.
High CVSS: 7.8 Yayın: 2025-01-14 14:15:26

CVE-2023-37937

Fortinet Fortiswitch CWE-78
An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0…
Critical CVSS: 9.8 Yayın: 2025-01-14 14:15:26

CVE-2023-37936

Fortinet Fortiswitch CWE-321
A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows attacker to execute unauthorized code or comma…
High CVSS: 8.8 Yayın: 2025-01-14 14:15:26

CVE-2023-37931

Fortinet Fortivoice CWE-89
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability [CWE-88] in FortiVoice Entreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to perform a blind sql injection att…
Critical CVSS: 9.1 Yayın: 2025-01-14 11:15:17

CVE-2024-56841

CWE-90
A vulnerability has been identified in Mendix LDAP (All versions < V1.1.2). Affected versions of the module are vulnerable to LDAP injection. This could allow an unauthenticated remote attacker to bypass username verification.
High CVSS: 7.1 Yayın: 2025-01-14 11:15:16

CVE-2024-53649

CWE-552
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.80), SIPROTEC 5 6MD85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 6MD86 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 6MD89 (CP300) (All versions >= V7.8…
High CVSS: 7.2 Yayın: 2025-01-14 11:15:16

CVE-2024-47100

CWE-352
A vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/DC (6ES7211-1AE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/Rly (6ES7211-1HE40-0XB0), SIMATIC S7-1200 CPU 1212C AC/DC/Rly (6…
Low CVSS: 2.1 Yayın: 2025-01-14 11:15:15

CVE-2024-45385

Siemens Industrial Edge Management CWE-79
A vulnerability has been identified in Industrial Edge Management OS (IEM-OS) (All versions). Affected components are vulnerable to reflected cross-site scripting (XSS) attacks. This could allow an attacker to extract sensitive information by trickin…
Medium CVSS: 6.4 Yayın: 2025-01-14 11:15:15

CVE-2024-12240

Siteorigin Page Builder CWE-79
The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the row label parameter in all versions up to, and including, 2.31.0 due to insufficient input sanitization and output escaping. This makes it possib…
High CVSS: 7.5 Yayın: 2025-01-14 10:15:07

CVE-2025-20620

CWE-89
SQL Injection vulnerability exists in STEALTHONE D220/D340 provided by Y'S corporation. An attacker who can access the affected product may obtain the administrative password of the web management page.
Critical CVSS: 9.8 Yayın: 2025-01-14 10:15:07

CVE-2025-20055

CWE-78
OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340 provided by Y'S corporation. An attacker who can access the affected product may execute an arbitrary OS command.
High CVSS: 7.2 Yayın: 2025-01-14 10:15:07

CVE-2025-20016

CWE-78
OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340/D440 provided by Y'S corporation. A user with an administrative privilege who logged in to the web management page of the affected product may execute an arbitr…
High CVSS: 8.8 Yayın: 2025-01-14 09:15:21

CVE-2025-0394

CWE-434
The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the gh_big_file_upload() function in all versions up to, and…
Medium CVSS: 6.1 Yayın: 2025-01-14 09:15:21

CVE-2025-0393

Royal-elementor-addons Royal Elementor Addons CWE-352
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.1006. This is due to missing or incorrect nonce validation on the wpr_filter_grid_posts() function. Th…