1671
|
6.5 |
MEDIUM
Network
cheese_cafe_line_project
|
cheese_cafe_line
|
An information leak in Cheese Cafe Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2023-39040
|
2024-09-26 05:35 |
2023-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1672
|
7.8 |
HIGH
Local
|
gnome
|
gnome-time_tracker
|
CSV Injection vulnerability in GNOME time tracker version 3.0.2, allows local attackers to execute arbitrary code via crafted .tsv file when creating a new record.
|
CWE-74
Injection
|
CVE-2023-36250
|
2024-09-26 05:35 |
2023-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1673
|
6.5 |
MEDIUM
Network
|
fortinet
|
fortianalyzer fortimanager fortianalyzer-bigdata
|
An authorization bypass through user-controlled key [CWE-639] vulnerability in FortiAnalyzer version 7.4.1 and before 7.2.5 and FortiManager version 7.4.1 and before 7.2.5 may allow a remote attacker…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2023-44254
|
2024-09-26 05:17 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1674
|
9.1 |
CRITICAL
Network
heimdalsecurity
|
thor
|
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to cause a denial of service (DoS) via the Threat To Process Correla…
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2023-29487
|
2024-09-26 05:15 |
2023-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1675
|
9.8 |
CRITICAL
Network
heimdalsecurity
|
thor
|
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before 3.7.0 on Windows, allows attackers to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information …
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2023-29486
|
2024-09-26 05:15 |
2023-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1676
|
9.8 |
CRITICAL
Network
heimdalsecurity
|
thor
|
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sens…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2023-29485
|
2024-09-26 05:15 |
2023-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1677
|
5.4 |
MEDIUM
Network
|
royal-elementor-addons
|
royal_elementor_addons
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons allows Stored XSS.This issue affects Royal Elementor Addon…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44001
|
2024-09-26 05:13 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1678
|
6.1 |
MEDIUM
Network
|
pickplugins
|
team_showcase
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Team Showcase allows Reflected XSS.This issue affects Team Showcase: from n/a …
|
CWE-79
Cross-site Scripting
|
CVE-2024-44002
|
2024-09-26 05:06 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1679
|
6.1 |
MEDIUM
Network
|
spicethemes
|
spice_starter_sites
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in spicethemes Spice Starter Sites allows Reflected XSS.This issue affects Spice Starter Site…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44003
|
2024-09-26 05:03 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1680
|
5.4 |
MEDIUM
Network
|
sktthemes
|
posterity
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in sonalsinha21 Posterity allows Stored XSS.This issue affects Posterity: from n/a through 3.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43995
|
2024-09-26 05:01 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|