2021
|
9.8 |
CRITICAL
Network
icegram
|
email_subscribers_\&_newsletters
|
Missing Authorization vulnerability in Email Subscribers & Newsletters.This issue affects Email Subscribers & Newsletters: from n/a through 5.7.13.
|
CWE-862
Missing Authorization
|
CVE-2024-31352
|
2024-09-25 23:37 |
2024-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2022
|
8.8 |
HIGH
Network
|
strategy11
|
awp_classifieds
|
Missing Authorization vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1.
|
CWE-862
Missing Authorization
|
CVE-2024-31350
|
2024-09-25 23:36 |
2024-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2023
|
- |
|
-
|
-
|
An insufficient boundary validation in the USB code could lead to an out-of-bounds read on the heap, which could potentially lead to an arbitrary write and remote code execution.
|
-
|
CVE-2024-41721
|
2024-09-25 23:35 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2024
|
7.5 |
HIGH
Network
f-secure
|
linux_protection linux_security_64 atlant client_security elements_endpoint_protection email_and_server_security server_security
|
Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Secur…
|
NVD-CWE-noinfo
|
CVE-2023-43767
|
2024-09-25 23:35 |
2023-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2025
|
7.8 |
HIGH
Local
|
f-secure
|
linux_protection linux_security_64 atlant client_security elements_endpoint_protection email_and_server_security server_security
|
Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server…
|
NVD-CWE-noinfo
|
CVE-2023-43766
|
2024-09-25 23:35 |
2023-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2026
|
8.8 |
HIGH
Network
|
strategy11
|
awp_classifieds
|
Cross-Site Request Forgery (CSRF) vulnerability in AWP Classifieds Team Ad Directory & Listings by AWP Classifieds plugin <= 4.3 versions.
|
CWE-352
Origin Validation Error
|
CVE-2023-41801
|
2024-09-25 23:33 |
2023-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2027
|
9.8 |
CRITICAL
Network
strategy11
|
awp_classifieds
|
The WordPress Classifieds Plugin WordPress plugin before 4.3 does not properly sanitise and escape some parameters before using them in a SQL statement via an AJAX action available to unauthenticated…
|
CWE-89
SQL Injection
|
CVE-2022-3254
|
2024-09-25 23:33 |
2022-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2028
|
- |
|
strategy11
|
awp_classifieds
|
SQL injection vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the keywordphrase parameter in a dosearch ac…
|
CWE-89
SQL Injection
|
CVE-2014-10013
|
2024-09-25 23:33 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2029
|
- |
|
strategy11
|
awp_classifieds
|
Cross-site scripting (XSS) vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the de…
|
CWE-79
Cross-site Scripting
|
CVE-2014-10012
|
2024-09-25 23:33 |
2015-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2030
|
6.8 |
MEDIUM
Physics
|
dell
|
xps_17_9700_firmware xps_15_9500_firmware vostro_7500_firmware precision_5750_firmware precision_5550_firmware latitude_3520_firmware latitude_3510_firmware latitude_3420_firmwar…
|
Dell Client Platform contains an incorrect authorization vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by bypassing BIOS authorization to …
|
CWE-863
Incorrect Authorization
|
CVE-2024-0160
|
2024-09-25 23:25 |
2024-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|