301
|
6.1 |
MEDIUM
Network
|
github
|
enterprise_server
|
A Cross-Site Scripting (XSS) vulnerability was identified in the repository transfer feature of GitHub Enterprise Server, which allows attackers to steal sensitive user information via social enginee…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8770
|
2024-09-27 22:49 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
302
|
6.1 |
MEDIUM
Network
|
boopathirajan
|
wp_test_email
|
The WP Test Email plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8664
|
2024-09-27 22:48 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
303
|
7.8 |
HIGH
Local
|
google
|
chrome
|
Insufficient data validation in PDF in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform out of bounds memory access via a crafted PDF file. (Chromium security severity: Low)
Update
|
NVD-CWE-noinfo
|
CVE-2018-20072
|
2024-09-27 22:46 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
304
|
4.3 |
MEDIUM
Network
|
radiustheme
|
classified_listing_-_classified_ads_\&_business_directory
|
The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions like export_forms(…
Update
|
CWE-862
Missing Authorization
|
CVE-2024-7888
|
2024-09-27 22:45 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
305
|
8.8 |
HIGH
Network
|
wpml
|
wpml
|
The WPML plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.6.12 via the Twig Server-Side Template Injection. This is due to missing input validation …
Update
|
CWE-94
Code Injection
|
CVE-2024-6386
|
2024-09-27 22:25 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
306
|
- |
|
-
|
-
|
A vulnerability was found in bg5sbk MiniCMS 1.11. It has been classified as problematic. Affected is an unknown function of the file page-edit.php. The manipulation leads to cross-site request forger…
New
|
CWE-352
Origin Validation Error
|
CVE-2024-9282
|
2024-09-27 22:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
307
|
- |
|
-
|
-
|
A vulnerability was found in bg5sbk MiniCMS up to 1.11 and classified as problematic. This issue affects some unknown processing of the file post-edit.php. The manipulation leads to cross-site reques…
New
|
CWE-352
Origin Validation Error
|
CVE-2024-9281
|
2024-09-27 22:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
308
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
firmware: qcom: uefisecapp: Fix deadlock in qcuefi_acquire()
If the __qcuefi pointer is not set, then in the original code, we wo…
New
|
-
|
CVE-2024-46868
|
2024-09-27 22:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
309
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/client: fix deadlock in show_meminfo()
There is a real deadlock as well as sleeping in atomic() bug in here, if
the bo put…
New
|
-
|
CVE-2024-46867
|
2024-09-27 22:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
310
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/client: add missing bo locking in show_meminfo()
bo_meminfo() wants to inspect bo state like tt and the ttm resource,
howe…
New
|
-
|
CVE-2024-46866
|
2024-09-27 22:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|