2181
|
5.4 |
MEDIUM
Network
|
microsoft
|
dynamics_365
|
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
|
CWE-79
Cross-site Scripting
|
CVE-2024-43476
|
2024-09-13 23:39 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2182
|
8.8 |
HIGH
Network
|
crocoblock
|
jetelements
|
The JetElements plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.6.20 via the 'progress_type' parameter. This makes it possible for authenticated att…
|
CWE-22
Path Traversal
|
CVE-2024-7145
|
2024-09-13 23:39 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2183
|
8.5 |
HIGH
Network
|
microsoft
|
power_automate
|
Microsoft Power Automate Desktop Remote Code Execution Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-43479
|
2024-09-13 23:38 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2184
|
4.3 |
MEDIUM
Network
|
bricksbuilder
|
bricks
|
The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.1. This is due to missing or incorrect nonce validation on the 'save_settings' functio…
|
CWE-352
Origin Validation Error
|
CVE-2023-3408
|
2024-09-13 23:37 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2185
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Autofill in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: H…
|
CWE-416
Use After Free
|
CVE-2024-8639
|
2024-09-13 23:35 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2186
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Type Confusion in V8 in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)
|
CWE-843
Type Confusion
|
CVE-2024-8638
|
2024-09-13 23:35 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2187
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Media Router in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severit…
|
CWE-416
Use After Free
|
CVE-2024-8637
|
2024-09-13 23:35 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2188
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
CWE-787
Out-of-bounds Write
|
CVE-2024-8636
|
2024-09-13 23:35 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2189
|
4.3 |
MEDIUM
Network
|
bricksbuilder
|
bricks
|
The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.1. This is due to missing or incorrect nonce validation on the 'reset_settings' functi…
|
CWE-352
Origin Validation Error
|
CVE-2023-3409
|
2024-09-13 23:34 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2190
|
5.4 |
MEDIUM
Network
|
cyberchimps
|
responsive_blocks
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CyberChimps Responsive Blocks – WordPress Gutenberg Blocks allows Stored XSS.This issue af…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43335
|
2024-09-13 23:25 |
2024-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|