|
1531
|
8.8 |
HIGH
Network
|
magazine3
|
pwa_for_wp_\&_amp
|
Missing Authorization vulnerability in Magazine3 PWA for WP & AMP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PWA for WP & AMP: from n/a through 1.7.72.
|
CWE-862
Missing Authorization
|
CVE-2024-47318
|
2024-11-13 05:32 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1532
|
9.8 |
CRITICAL
Network
androidbubbles
|
wp_datepicker
|
Missing Authorization vulnerability in Fahad Mahmood WP Datepicker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Datepicker: from n/a through 2.1.1.
|
CWE-862
Missing Authorization
|
CVE-2024-47321
|
2024-11-13 05:29 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1533
|
9.8 |
CRITICAL
Network
code-atlantic
|
popup_maker
|
Missing Authorization vulnerability in Popup Maker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Popup Maker: from n/a through 1.19.2.
|
CWE-862
Missing Authorization
|
CVE-2024-47358
|
2024-11-13 05:28 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1534
|
9.8 |
CRITICAL
Network
depicter
|
depicter
|
Missing Authorization vulnerability in Depicter Slider and Popup by Averta Depicter Slider allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Depicter Slider: from n/a…
|
CWE-862
Missing Authorization
|
CVE-2024-47359
|
2024-11-13 05:26 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1535
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
RDMA/mad: Improve handling of timed out WRs of mad agent
Current timeout handler of mad agent acquires/releases mad_agent_priv
lo…
|
NVD-CWE-noinfo
|
CVE-2024-50095
|
2024-11-13 05:26 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1536
|
8.8 |
HIGH
Network
|
webtechstreet
|
elementor_addon_elements
|
Missing Authorization vulnerability in WPVibes Elementor Addon Elements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Addon Elements: from n/a t…
|
CWE-862
Missing Authorization
|
CVE-2024-47361
|
2024-11-13 05:25 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1537
|
7.5 |
HIGH
Network
dena
|
h2o
|
h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When an HTTP request using TLS/1.3 early data on top of TCP Fast Open or QUIC 0-RTT packets is received and the IP-address-based ac…
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2024-45397
|
2024-11-13 05:14 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1538
|
7.5 |
HIGH
Network
dena
|
quicly
|
Quicly is an IETF QUIC protocol implementation. Quicly up to commtit d720707 is susceptible to a denial-of-service attack. A remote attacker can exploit these bugs to trigger an assertion failure tha…
|
CWE-617
Reachable Assertion
|
CVE-2024-45396
|
2024-11-13 05:05 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1539
|
4.3 |
MEDIUM
Network
|
dena
|
h2o
|
h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. The configuration directives provided by the headers handler allows users to modify the response headers being sent by h2o. The con…
|
CWE-670
Always-Incorrect Control Flow Implementation
|
CVE-2024-25622
|
2024-11-13 05:04 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1540
|
9.8 |
CRITICAL
Network
dena
|
picotls
|
Picotls is a TLS protocol library that allows users select different crypto backends based on their use case. When parsing a spoofed TLS handshake message, picotls (specifically, bindings within pico…
|
CWE-415
Double Free
|
CVE-2024-45402
|
2024-11-13 05:02 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
