|
1811
|
5.4 |
MEDIUM
Network
|
affiliatexblocks
|
affiliatex
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AffiliateX allows Stored XSS.This issue affects AffiliateX: from n/a through 1.2.9.
|
CWE-79
Cross-site Scripting
|
CVE-2024-49692
|
2024-11-8 23:55 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1812
|
5.4 |
MEDIUM
Network
|
brainstormforce
|
astra_widgets
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainstorm Force Astra Widgets allows Stored XSS.This issue affects Astra Widgets: from n/…
|
CWE-79
Cross-site Scripting
|
CVE-2024-50439
|
2024-11-8 23:53 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1813
|
5.4 |
MEDIUM
Network
|
wpkoi
|
wpkoi_templates_for_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPKoi WPKoi Templates for Elementor allows Stored XSS.This issue affects WPKoi Templates f…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49679
|
2024-11-8 23:52 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1814
|
6.1 |
MEDIUM
Network
|
themoyles
|
church_admin
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Andy Moyle Church Admin allows Reflected XSS.This issue affects Church Admin: from n/a bef…
|
CWE-79
Cross-site Scripting
|
CVE-2024-50438
|
2024-11-8 23:52 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1815
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nvme-pci: fix race condition between reset and nvme_dev_disable()
nvme_dev_disable() modifies the dev->online_queues field, there…
|
CWE-362
Race Condition
|
CVE-2024-50135
|
2024-11-8 23:34 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1816
|
5.4 |
MEDIUM
Network
|
mycred
|
mycred_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in myCRED myCred Elementor allows Stored XSS.This issue affects myCred Elementor: from n/a th…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49702
|
2024-11-8 23:32 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1817
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Unregister notifier on eswitch init failure
It otherwise remains registered and a subsequent attempt at eswitch
enablin…
|
NVD-CWE-noinfo
|
CVE-2024-50136
|
2024-11-8 23:31 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1818
|
6.5 |
MEDIUM
Network
|
zte
|
zxr10_1800-2s_firmware
zxr10_2800-4_firmware
zxr10_3800-8_firmware
zxr10_160_firmware
|
There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . An authenticated attacker could use the vulnerability to obtain sensitive information about the de…
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2024-22066
|
2024-11-8 23:31 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1819
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
reset: starfive: jh71x0: Fix accessing the empty member on JH7110 SoC
data->asserted will be NULL on JH7110 SoC since commit 8232…
|
NVD-CWE-noinfo
|
CVE-2024-50137
|
2024-11-8 23:29 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1820
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Use raw_spinlock_t in ringbuf
The function __bpf_ringbuf_reserve is invoked from a tracepoint, which
disables preemption. Us…
|
NVD-CWE-noinfo
|
CVE-2024-50138
|
2024-11-8 23:27 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
