381
|
- |
|
-
|
-
|
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in …
New
|
-
|
CVE-2024-20500
|
2024-10-3 04:15 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
382
|
- |
|
-
|
-
|
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS cond…
New
|
-
|
CVE-2024-20499
|
2024-10-3 04:15 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
383
|
- |
|
-
|
-
|
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS cond…
New
|
-
|
CVE-2024-20498
|
2024-10-3 04:15 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
384
|
9.8 |
CRITICAL
Network
stellarwp
|
the_events_calendar
|
The The Events Calendar plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the 'tribe_has_next_event' function in all versions up to, and including, 6.6.4 due to insuffi…
Update
|
CWE-89
SQL Injection
|
CVE-2024-8275
|
2024-10-3 04:14 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
385
|
5.3 |
MEDIUM
Network
revolut
|
revolut_gateway_for_woocommerce
|
The Revolut Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /wc/v3/revolut REST API endpoint in all versions u…
Update
|
CWE-862
Missing Authorization
|
CVE-2024-8678
|
2024-10-3 04:06 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
386
|
5.4 |
MEDIUM
Network
|
livemeshelementor
|
addons_for_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for Elementor allows Stored XSS.This issue affects Livemesh Addon…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-47303
|
2024-10-3 04:00 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
387
|
5.4 |
MEDIUM
Network
|
wpmet
|
elementskit_elementor_addons
|
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video widget in all versions up to, and including, 3.2.7 due to insufficient input …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8546
|
2024-10-3 03:56 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
388
|
5.4 |
MEDIUM
Network
|
livemeshelementor
|
addons_for_elementor
|
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘piechart_settings’ parameter in all versions up to, and including, 8.5 due to insufficient …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8858
|
2024-10-3 03:41 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
389
|
5.3 |
MEDIUM
Network
mycred
|
mycred
|
The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification plugin for WordPress…
Update
|
CWE-862
Missing Authorization
|
CVE-2024-8658
|
2024-10-3 03:36 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
390
|
7.8 |
HIGH
Local
|
google
|
android
|
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
Update
|
CWE-862
Missing Authorization
|
CVE-2023-38464
|
2024-10-3 03:35 |
2023-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|