2071
|
4.8 |
MEDIUM
Network
|
peepso
|
peepso
|
The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.4.5.0 due t…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7655
|
2024-09-20 03:20 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2072
|
4.8 |
MEDIUM
Network
|
peepso
|
peepso
|
The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘content’ parameter in all versions up to, …
|
CWE-79
Cross-site Scripting
|
CVE-2024-7618
|
2024-09-20 03:20 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2073
|
7.2 |
HIGH
Network
|
kemptechnologies
|
multi-tenant_hypervisor_firmware loadmaster
|
Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection.This issue affects:
* LoadMaster: 7.2.40.0 and above
* ECS: All versions
* Multi-Tenancy: 7.1.35.4 and ab…
|
CWE-78
OS Command
|
CVE-2024-7591
|
2024-09-20 03:19 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2074
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: avoid using null object of framebuffer
Instead of using state->fb->obj[0] directly, get object from framebuffer
…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46694
|
2024-09-20 03:16 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2075
|
5.4 |
MEDIUM
Network
|
microfocus
|
netiq_access_manager
|
Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack. This issue affects NetIQ Access Manager before 5.0.4.1 and 5.1.
|
CWE-79
Cross-site Scripting
|
CVE-2024-4554
|
2024-09-20 03:15 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2076
|
- |
|
-
|
-
|
ABB has internally identified a vulnerability in the ABB VPNI feature of the S+ Control API component which may
be used by several Symphony Plus products (e.g., S+ Operations, S+ Engineering and S+ …
|
CWE-23
Relative Path Traversal
|
CVE-2024-0335
|
2024-09-20 03:15 |
2024-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2077
|
- |
|
-
|
-
|
B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the …
|
CWE-94 CWE-319 CWE-1240
Code Injection Cleartext Transmission of Sensitive Information Use of a Cryptographic Primitive with a Risky Implementation
|
CVE-2024-0220
|
2024-09-20 03:15 |
2024-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2078
|
7.1 |
HIGH
Local
|
stripe
|
stripe-cli
|
stripe-cli is a command-line tool for the payment processor Stripe. A vulnerability exists in stripe-cli starting in version 1.11.1 and prior to version 1.21.3 where a plugin package containing a man…
|
CWE-22
Path Traversal
|
CVE-2024-45401
|
2024-09-20 03:12 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2079
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
pktgen: use cpus_read_lock() in pg_net_init()
I have seen the WARN_ON(smp_processor_id() != cpu) firing
in pktgen_thread_worker()…
|
NVD-CWE-noinfo
|
CVE-2024-46681
|
2024-09-20 03:10 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2080
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
binfmt_elf_fdpic: fix AUXV size calculation when ELF_HWCAP2 is defined
create_elf_fdpic_tables() does not correctly account the s…
|
CWE-131
Incorrect Calculation of Buffer Size
|
CVE-2024-46684
|
2024-09-20 03:04 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|