2671
|
5.4 |
MEDIUM
Network
|
basticom
|
framework
|
The Basticom Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.5.0 due to insufficient input sanitization and ou…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9443
|
2024-11-8 05:56 |
2024-11-5 |
2672
|
6.5 |
MEDIUM
Network
|
liferay
|
liferay_portal digital_experience_platform
|
The Document and Media widget in Liferay Portal 7.2.0 through 7.3.6, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 13, and older unsupported versions,…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-25143
|
2024-11-8 05:55 |
2024-02-8 |
2673
|
5.9 |
MEDIUM
Network
|
wolfssl
|
wolfssl
|
The wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, a new variation of a timing Bleichenbacher-style attack, when built with the following options to configure:
--enable-all CFL…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2023-6935
|
2024-11-8 05:41 |
2024-02-10 |
2674
|
- |
|
-
|
-
|
An issue in Linux Server Heimdall v.2.6.1 allows a remote attacker to execute arbitrary code via a crafted script to the Add new application.
|
-
|
CVE-2024-51358
|
2024-11-8 05:35 |
2024-11-6 |
2675
|
4.3 |
MEDIUM
Network
|
shaon
|
post_from_frontend
|
The Post From Frontend WordPress plugin through 1.0.0 does not have a CSRF check when deleting posts, which could allow attackers to make a logged-in admin perform such an action via a CSRF attack.
|
CWE-352
Origin Validation Error
|
CVE-2024-9689
|
2024-11-8 05:35 |
2024-11-5 |
2676
|
- |
|
-
|
-
|
util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string.
|
-
|
CVE-2024-47855
|
2024-11-8 05:35 |
2024-10-4 |
2677
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
dma-buf: Fix NULL pointer dereference in sanitycheck()
If due to a memory allocation failure mock_chain() returns NULL, it is
pas…
|
-
|
CVE-2024-35916
|
2024-11-8 05:35 |
2024-05-19 |
2678
|
- |
|
-
|
-
|
Time4J Base v5.9.3 was discovered to contain a NullPointerException via the component net.time4j.format.internal.FormatUtils::useDefaultWeekmodel(Locale). NOTE: this is disputed by multiple third par…
|
-
|
CVE-2024-23083
|
2024-11-8 05:35 |
2024-04-10 |
2679
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()'
In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;"
pi…
|
-
|
CVE-2024-26661
|
2024-11-8 05:35 |
2024-04-2 |
2680
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix race between ordered extent completion and fiemap
For fiemap we recently stopped locking the target extent range for t…
|
-
|
CVE-2024-26794
|
2024-11-8 05:35 |
2024-04-4 |