81
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trig…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2023-7042
|
2024-09-28 13:15 |
2023-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
82
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Simple LDAP Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-8715
|
2024-09-28 12:15 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
83
|
- |
|
-
|
-
|
A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.
Update
|
CWE-415
Double Free
|
CVE-2024-2002
|
2024-09-28 12:15 |
2024-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
84
|
5.3 |
MEDIUM
Network
-
|
-
|
The EU/UK VAT Manager for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the alg_wc_eu_vat_exempt_vat_from_admin() function i…
New
|
-
|
CVE-2024-9189
|
2024-09-28 11:15 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
85
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The WP-WebAuthn plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wwa_login_form shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanit…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9023
|
2024-09-28 11:15 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
86
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The EU/UK VAT Manager for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up t…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-8788
|
2024-09-28 11:15 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
87
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Simple Popup Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [popup] shortcode in all versions up to, and including, 4.5 due to insufficient input saniti…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-8547
|
2024-09-28 11:15 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
88
|
10.0 |
CRITICAL
Network
-
|
-
|
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1 via deserialization of untrusted input vi…
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-8353
|
2024-09-28 11:15 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
89
|
- |
|
-
|
-
|
A vulnerability, which was classified as critical, has been found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c. Affected by this issue is some unknown functionality of the file sav…
New
|
CWE-89
SQL Injection
|
CVE-2024-9294
|
2024-09-28 07:15 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
90
|
- |
|
-
|
-
|
EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may le…
New
|
-
|
CVE-2024-38796
|
2024-09-28 07:15 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|