|
451
|
5.4 |
MEDIUM
Network
|
anasedreesi
|
marquee_elementor_with_posts
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Anas Edreesi Marquee Elementor with Posts allows DOM-Based XSS.This issue affects Marquee …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-51584
|
2024-11-14 11:23 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
452
|
5.4 |
MEDIUM
Network
|
pluginspoint
|
kento_ads_rotator
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in KentoThemes Kento Ads Rotator allows Stored XSS.This issue affects Kento Ads Rotator: from…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-51583
|
2024-11-14 11:17 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
453
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious app may be able to cause a denial-of-service.
Update
|
NVD-CWE-noinfo
|
CVE-2024-44197
|
2024-11-14 11:16 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
454
|
- |
|
-
|
-
|
A stored Cross-site Scripting vulnerability has been discovered in Sonatype Nexus Repository 2
This issue affects Nexus Repository 2 OSS/Pro versions up to and including 2.15.1.
New
|
-
|
CVE-2024-5083
|
2024-11-14 11:15 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
455
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system.
Update
|
NVD-CWE-noinfo
|
CVE-2024-44196
|
2024-11-14 11:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
456
|
7.8 |
HIGH
Local
|
artifex
debian
suse
|
ghostscript
debian_linux
linux_enterprise_high_performance_computing
linux_enterprise_server
linux_enterprise_server_for_sap
|
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.
Update
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2024-46951
|
2024-11-14 11:13 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
457
|
7.8 |
HIGH
Local
|
artifex
debian
suse
|
ghostscript
debian_linux
linux_enterprise_high_performance_computing
linux_enterprise_server
linux_enterprise_server_for_sap
|
An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and…
Update
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-46953
|
2024-11-14 11:01 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
458
|
7.8 |
HIGH
Local
|
artifex
debian
|
ghostscript
debian_linux
|
An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46952
|
2024-11-14 11:01 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
459
|
- |
|
-
|
-
|
In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. Th…
New
|
-
|
CVE-2024-43093
|
2024-11-14 11:00 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
460
|
9.8 |
CRITICAL
Network
paloaltonetworks
|
expedition
|
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.
Note: Expedition is …
Update
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-5910
|
2024-11-14 11:00 |
2024-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
