1761
|
9.8 |
CRITICAL
Network
heimdalsecurity
|
thor
|
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before 3.7.0 on Windows, allows attackers to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information …
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2023-29486
|
2024-09-26 05:15 |
2023-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1762
|
9.8 |
CRITICAL
Network
heimdalsecurity
|
thor
|
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain sens…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2023-29485
|
2024-09-26 05:15 |
2023-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1763
|
5.4 |
MEDIUM
Network
|
royal-elementor-addons
|
royal_elementor_addons
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons allows Stored XSS.This issue affects Royal Elementor Addon…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44001
|
2024-09-26 05:13 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1764
|
6.1 |
MEDIUM
Network
|
pickplugins
|
team_showcase
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Team Showcase allows Reflected XSS.This issue affects Team Showcase: from n/a …
|
CWE-79
Cross-site Scripting
|
CVE-2024-44002
|
2024-09-26 05:06 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1765
|
6.1 |
MEDIUM
Network
|
spicethemes
|
spice_starter_sites
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in spicethemes Spice Starter Sites allows Reflected XSS.This issue affects Spice Starter Site…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44003
|
2024-09-26 05:03 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1766
|
5.4 |
MEDIUM
Network
|
sktthemes
|
posterity
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in sonalsinha21 Posterity allows Stored XSS.This issue affects Posterity: from n/a through 3.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43995
|
2024-09-26 05:01 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1767
|
8.8 |
HIGH
Network
|
microsoft
|
groupme
|
An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network by convincing a user to click on a malicious link.
|
NVD-CWE-noinfo
|
CVE-2024-38183
|
2024-09-26 04:59 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1768
|
7.8 |
HIGH
Local
|
libreoffice
|
libreoffice
|
Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: f…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2024-7788
|
2024-09-26 04:56 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1769
|
6.1 |
MEDIUM
Network
|
mozilla
|
firefox
|
Under certain conditions, an attacker with the ability to redirect users to a malicious site via an open redirect on a trusted site, may be able to spoof the address bar contents. This can lead to a …
|
CWE-601
Open Redirect
|
CVE-2024-8897
|
2024-09-26 04:49 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1770
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A logic issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15. Privacy Indicators for microphone or camera access may be attributed incorrectly.
|
NVD-CWE-noinfo
|
CVE-2024-27875
|
2024-09-26 04:44 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|