Rezultati pretraživanja za 'Od datuma: 14.12.2025.'
| ID | CVSS | Sažetak | Zadnje ažurirano | Objavljeno |
|---|---|---|---|---|
| CVE-2025-63386 | 9.1 | A Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability exists in Dify v1.9.1 in the /console/api/setup endpoint. The endpoint implements an insecure CORS policy that reflects any Origin header and enables Access-Control-Allow-Credentia | 2025-12-19 22:15:51 | 2025-12-18 16:15:54 |
| CVE-2025-68481 | 5.9 | FastAPI Users allows users to quickly add a registration and authentication system to their FastAPI project. Prior to version 15.0.2, the OAuth login state tokens are completely stateless and carry no per-request entropy or any data that could link t | 2025-12-19 21:15:54 | 2025-12-19 21:15:54 |
| CVE-2025-63665 | 9.8 | An issue in GT Edge AI Platform Versions before v2.0.10-dev allows attackers to execute arbitrary code via injecting a crafted JSON payload into the Prompt window. | 2025-12-19 21:15:54 | 2025-12-19 17:15:52 |
| CVE-2023-53959 | 9.8 | FileZilla Client 3.63.1 contains a DLL hijacking vulnerability that allows attackers to execute malicious code by placing a crafted TextShaping.dll in the application directory. Attackers can generate a reverse shell payload using msfvenom and replac | 2025-12-19 21:15:53 | 2025-12-19 21:15:53 |
| CVE-2025-14860 | 9.8 | Use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 146.0.1. | 2025-12-19 21:15:53 | 2025-12-18 15:15:53 |
| CVE-2023-53958 | 7.5 | LDAP Tool Box Self Service Password 1.5.2 contains a password reset vulnerability that allows attackers to manipulate HTTP Host headers during token generation. Attackers can craft malicious password reset requests that generate tokens sent to a cont | 2025-12-19 21:15:52 | 2025-12-19 21:15:52 |
| CVE-2023-53957 | 9.8 | Kimai 1.30.10 contains a SameSite cookie vulnerability that allows attackers to steal user session cookies through malicious exploitation. Attackers can trick victims into executing a crafted PHP script that captures and writes session cookie informa | 2025-12-19 21:15:52 | 2025-12-19 21:15:52 |
| CVE-2023-53956 | 8.8 | Flatnux 2021-03.25 contains an authenticated file upload vulnerability that allows administrative users to upload arbitrary PHP files through the file manager. Attackers with admin credentials can upload malicious PHP scripts to the web root director | 2025-12-19 21:15:51 | 2025-12-19 21:15:51 |
| CVE-2023-53954 | 6.2 | ActFax 10.10 contains an unquoted service path vulnerability that allows local attackers to potentially escalate privileges by exploiting the ActiveFaxServiceNT service configuration. Attackers with write permissions to Program Files directories can | 2025-12-19 21:15:51 | 2025-12-19 21:15:51 |
| CVE-2023-53953 | 6.4 | WebsiteBaker 2.13.3 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts when creating web pages. Attackers can craft malicious payloads in page titles that execute arbitrary JavaScript when | 2025-12-19 21:15:51 | 2025-12-19 21:15:51 |
| ID | CVSS | Sažetak | Zadnje ažurirano | Objavljeno |
|---|---|---|---|---|
| CVE-2018-4451 | 9.3 | This issue is fixed in macOS Mojave 10.14. A memory corruption issue was addressed with improved input validation. | 2020-10-30 02:01:00 | 2020-10-27 20:15:00 |
| CVE-2019-8712 | 10.0 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with system privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8709 | 9.3 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. An application may be abl | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8824 | 9.3 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with kernel privileges | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2018-4452 | 9.3 | A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Se | 2020-10-30 02:00:00 | 2020-10-27 20:15:00 |
| CVE-2019-8716 | 10.0 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with system privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8836 | 9.3 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8740 | 9.3 | A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2020-27976 | 10.0 | osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option. | 2020-10-29 23:35:00 | 2020-10-28 15:15:00 |
| CVE-2019-8539 | 9.3 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary co | 2020-10-30 15:13:00 | 2020-10-27 20:15:00 |
Stranica
/130
Zapisa po stranici: