571
|
4.3 |
MEDIUM
Network
|
codesupply
|
absolute_reviews
|
The Absolute Reviews plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.8. This is due to missing or incorrect nonce validation on the metabox_revi…
Update
|
-
|
CVE-2021-4426
|
2024-10-4 02:51 |
2023-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
572
|
5.4 |
MEDIUM
Network
|
cisco
|
catalyst_sd-wan_manager
|
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a cross-site scripting …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-20475
|
2024-10-4 02:49 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
573
|
8.0 |
HIGH
Adjacent
|
autel
|
maxicharger_ac_elite_business_c50_firmware
|
Autel MaxiCharger AC Elite Business C50 BLE AppChargingControl Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitra…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-23959
|
2024-10-4 02:42 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
574
|
8.8 |
HIGH
Adjacent
|
autel
|
maxicharger_ac_elite_business_c50_firmware
|
Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected instal…
Update
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-23958
|
2024-10-4 02:42 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
575
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
s390/sclp: Prevent release of buffer in I/O
When a task waiting for completion of a Store Data operation is
interrupted, an attem…
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-44969
|
2024-10-4 02:38 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
576
|
8.0 |
HIGH
Adjacent
|
autel
|
maxicharger_ac_elite_business_c50_firmware
|
Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbi…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-23967
|
2024-10-4 02:37 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
577
|
8.8 |
HIGH
Adjacent
|
autel
|
maxicharger_ac_elite_business_c50_firmware
|
Autel MaxiCharger AC Elite Business C50 DLB_HostHeartBeat Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary co…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-23957
|
2024-10-4 02:37 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
578
|
8.8 |
HIGH
Network
|
atlassian
|
confluence_data_center confluence_server jira_service_management jira_data_center jira_server crucible fisheye crowd bitbucket bamboo jira_service_desk
|
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlass…
Update
|
CWE-346
Origin Validation Error
|
CVE-2022-26137
|
2024-10-4 02:35 |
2022-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
579
|
5.4 |
MEDIUM
Network
|
hasthemes
|
ht_mega
|
The “HT Mega – Absolute Addons for Elementor Page Builder” WordPress Plugin before 1.5.7 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2021-24261
|
2024-10-4 02:35 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
580
|
9.8 |
CRITICAL
Network
atlassian
|
confluence_data_center confluence_server jira_service_management jira_data_center jira_server crucible fisheye crowd bitbucket bamboo jira_service_desk
|
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by …
Update
|
CWE-287
Improper Authentication
|
CVE-2022-26136
|
2024-10-4 02:35 |
2022-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|