2051
|
4.3 |
MEDIUM
Network
|
mozilla
|
firefox
|
In addition to detecting when a user was taking a screenshot (XXX), a website was able to overlay the 'My Shots' button that appeared, and direct the user to a replica Firefox Screenshots page that c…
|
NVD-CWE-noinfo
|
CVE-2024-5689
|
2024-09-14 03:35 |
2024-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2052
|
9.8 |
CRITICAL
Network
wipotec
|
comscale
|
An issue in WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 allows unauthenticated attackers to login as any user without a password.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2023-45911
|
2024-09-14 03:35 |
2023-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2053
|
7.5 |
HIGH
Network
common-services
|
sonice_etiquetage
|
In the module "SoNice etiquetage" (sonice_etiquetage) up to version 2.5.9 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path trave…
|
CWE-22
Path Traversal
|
CVE-2023-45383
|
2024-09-14 03:35 |
2023-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2054
|
7.8 |
HIGH
Local
|
xnview
|
nconvert
|
XNSoft Nconvert 7.136 is vulnerable to Buffer Overflow. There is a User Mode Write AV via a crafted image file. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve…
|
CWE-120
Classic Buffer Overflow
|
CVE-2023-43250
|
2024-09-14 03:35 |
2023-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2055
|
8.4 |
HIGH
Local
|
oracle
|
peoplesoft_enterprise_peopletools
|
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.59 and 8.60. Easily exploitable vulnerability all…
|
NVD-CWE-noinfo
|
CVE-2023-22014
|
2024-09-14 03:35 |
2023-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2056
|
7.5 |
HIGH
Network
oracle
|
weblogic_server
|
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exp…
|
NVD-CWE-noinfo
|
CVE-2023-21996
|
2024-09-14 03:35 |
2023-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2057
|
9.8 |
CRITICAL
Network
mozilla
|
firefox
|
If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could …
|
CWE-787
Out-of-bounds Write
|
CVE-2024-5695
|
2024-09-14 03:31 |
2024-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2058
|
6.1 |
MEDIUM
Network
|
phpvibe
|
phpvibe
|
A vulnerability, which was classified as problematic, has been found in PHPVibe 11.0.46. This issue affects some unknown processing of the file functionalities.global.php of the component Global Opti…
|
CWE-79
Cross-site Scripting
|
CVE-2024-6082
|
2024-09-14 03:29 |
2024-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2059
|
7.4 |
HIGH
Network
|
osnexus
|
quantastor
|
An attacker is able to launch a Reflected XSS attack using a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2021-42080
|
2024-09-14 03:15 |
2023-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2060
|
8.1 |
HIGH
Network
|
sonaar
|
mp3_audio_player_for_music\ _radio_\&_podcast
|
The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to unauthorized arbitrary file deletion due to a missing capability check on the removeTempFil…
|
CWE-862
Missing Authorization
|
CVE-2024-7856
|
2024-09-14 03:14 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|