111
|
7.2 |
HIGH
Network
|
cisco
|
rv340_dual_wan_gigabit_vpn_router_firmware rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware rv345_dual_wan_gigabit_vpn_router_firmware rv345p_dual_wan_gigabit_poe_vpn_router_firmware
|
A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute ar…
Update
|
NVD-CWE-Other
|
CVE-2024-20470
|
2024-10-10 01:55 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
112
|
5.4 |
MEDIUM
Network
|
pdfcrowd
|
save_as_pdf
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS.This issue affects Save as PDF p…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-35649
|
2024-10-10 01:48 |
2024-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
113
|
7.8 |
HIGH
Local
|
gnome
|
libgsf
|
An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library (libgsf). A specially crafted file can result in…
Update
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-42415
|
2024-10-10 01:44 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
114
|
7.8 |
HIGH
Local
|
gnome
|
libgsf
|
An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf) version v1.14.52. A specially crafted file can resu…
Update
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-36474
|
2024-10-10 01:37 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
115
|
- |
|
-
|
-
|
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. Thi…
New
|
-
|
CVE-2024-9680
|
2024-10-10 01:35 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
116
|
- |
|
-
|
-
|
Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
New
|
-
|
CVE-2024-9603
|
2024-10-10 01:35 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
117
|
- |
|
-
|
-
|
In the process of testing the Relevanssi WordPress plugin before 4.23.1, a vulnerability was found that allows you to implement Stored XSS on behalf of the Contributor+ by embedding malicious script…
New
|
-
|
CVE-2024-9021
|
2024-10-10 01:35 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
118
|
- |
|
-
|
-
|
Custom Twitter Feeds WordPress plugin before 2.2.3 is not filtering some of its settings allowing high privilege users to inject scripts.
New
|
-
|
CVE-2024-8983
|
2024-10-10 01:35 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
119
|
4.3 |
MEDIUM
Network
|
cochinoman
|
splashscreen
|
The Splashscreen WordPress plugin through 0.20 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
Update
|
CWE-352
Origin Validation Error
|
CVE-2023-6501
|
2024-10-10 01:35 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
120
|
7.5 |
HIGH
Network
phpjabbers
|
availability_booking_calendar
|
A lack of rate limiting in pjActionAJaxSend in Availability Booking Calendar 5.0 allows attackers to cause resource exhaustion.
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2023-48831
|
2024-10-10 01:35 |
2023-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|