1011
|
8.1 |
HIGH
Network
|
parseplatform
|
parse_server
|
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. If the Parse Server option allowCustomObjectId: true is set, an attacker that is allowed to cre…
|
CWE-863
Incorrect Authorization
|
CVE-2024-47183
|
2024-11-14 06:15 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1012
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix out-of-bounds write in trie_get_next_key()
trie_get_next_key() allocates a node stack with size trie->max_prefixlen,
whi…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-50262
|
2024-11-14 06:10 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1013
|
9.8 |
CRITICAL
Network
dlink
|
di-8003_firmware
|
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been classified as critical. Affected is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argume…
|
CWE-78 CWE-77
OS Command Command Injection
|
CVE-2024-11046
|
2024-11-14 06:01 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1014
|
9.8 |
CRITICAL
Network
dlink
|
di-8003_firmware
|
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been declared as critical. Affected by this vulnerability is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipu…
|
CWE-119 CWE-121
Incorrect Access of Indexable Resource ('Range Error') Stack-based Buffer Overflow
|
CVE-2024-11047
|
2024-11-14 05:56 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1015
|
9.8 |
CRITICAL
Network
dlink
|
di-8003_firmware
|
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrv_asp of the file /dbsrv.asp. The manipulation of the argument str le…
|
CWE-119 CWE-121
Incorrect Access of Indexable Resource ('Range Error') Stack-based Buffer Overflow
|
CVE-2024-11048
|
2024-11-14 05:53 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1016
|
5.4 |
MEDIUM
Network
|
cleversoft
|
clever_addons_for_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CleverSoft Clever Addons for Elementor allows Stored XSS.This issue affects Clever Addons …
|
CWE-79
Cross-site Scripting
|
CVE-2024-51580
|
2024-11-14 05:50 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1017
|
5.4 |
MEDIUM
Network
|
nicheaddons
|
restaurant_\&_cafe_addon_for_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Restaurant & Cafe Addon for Elementor allows Stored XSS.This issue affects Res…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51581
|
2024-11-14 05:49 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1018
|
7.2 |
HIGH
Network
|
salesagility
|
suitecrm
|
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. SuiteCRM relies on the blacklist of functions/methods to prevent installation of malicious ML…
|
NVD-CWE-noinfo
|
CVE-2024-49774
|
2024-11-14 05:40 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1019
|
8.8 |
HIGH
Network
|
zohocorp
|
manageengine_admanager_plus
|
Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege Escalation in the Modify Computers option.
|
NVD-CWE-noinfo
|
CVE-2024-24409
|
2024-11-14 05:35 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1020
|
5.4 |
MEDIUM
Network
|
mycred
|
mycred
|
The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification plugin for WordPress…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10187
|
2024-11-14 05:31 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|