|
441
|
- |
|
-
|
-
|
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs?. The memory leak happens in git…
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-1394
|
2024-09-27 08:15 |
2024-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
442
|
5.4 |
MEDIUM
Network
|
risethemes
|
rt_easy_builder
|
The RT Easy Builder – Advanced addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 2.2 due to insuffi…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-2254
|
2024-09-27 07:36 |
2024-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
443
|
6.1 |
MEDIUM
Network
|
instawp
|
string_locator
|
The String locator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'sql-column' parameter in all versions up to, and including, 2.6.5 due to insufficient input sanitizati…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2023-6987
|
2024-09-27 07:34 |
2024-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
444
|
5.4 |
MEDIUM
Network
|
themeisle
|
orbit_fox
|
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.10.36 due to insufficient input sanitization …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-7778
|
2024-09-27 07:22 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
445
|
- |
|
-
|
-
|
CUPS is a standards-based, open-source printing system, and cups-filters provides backends, filters, and other software for CUPS 2.x to use on non-Mac OS systems. Any value passed to `FoomaticRIPComm…
New
|
CWE-77
Command Injection
|
CVE-2024-47177
|
2024-09-27 07:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
446
|
- |
|
-
|
-
|
CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creati…
New
|
CWE-20
Improper Input Validation
|
CVE-2024-47175
|
2024-09-27 07:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
447
|
- |
|
-
|
-
|
CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. …
New
|
-
|
CVE-2024-47176
|
2024-09-27 07:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
448
|
- |
|
-
|
-
|
CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format …
New
|
CWE-20
Improper Input Validation
|
CVE-2024-47076
|
2024-09-27 07:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
449
|
9.8 |
CRITICAL
Network
silabs
|
emberznet
|
TouchLink packets processed after timeout or out of range due to Operation on a Resource after Expiration and Missing Release of Resource after Effective Lifetime may allow a device to be added outsi…
Update
|
CWE-672
CWE-772
Operation on a Resource after Expiration or Release
Missing Release of Resource after Effective Lifetime
|
CVE-2023-41094
|
2024-09-27 07:15 |
2023-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
450
|
7.5 |
HIGH
Network
hashicorp
|
vault
|
The Vault and Vault Enterprise ("Vault") Google Cloud secrets engine did not preserve existing Google Cloud IAM Conditions upon creating or updating rolesets. Fixed in Vault 1.13.0.
Update
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2023-5077
|
2024-09-27 07:15 |
2023-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
