2041
|
7.8 |
HIGH
Local
|
adobe
|
photoshop
|
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitatio…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-45109
|
2024-09-14 01:59 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2042
|
9.8 |
CRITICAL
Network
adobe
|
coldfusion
|
ColdFusion versions 2023.9, 2021.15 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. An …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-41874
|
2024-09-14 01:57 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2043
|
7.5 |
HIGH
Network
adobe
|
coldfusion
|
ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gai…
|
CWE-287
Improper Authentication
|
CVE-2024-45113
|
2024-09-14 01:56 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2044
|
- |
|
-
|
-
|
Titan SFTP and Titan MFT Server 2.0.25.2426 and earlier have a vulnerability a vulnerability where sensitive information, including passwords, is exposed in clear text within the JSON response when c…
|
-
|
CVE-2024-44685
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2045
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Email Obfuscate Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'email-obfuscate' shortcode in all versions up to, and including, 2.0 due to insuffici…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8747
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2046
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The PDF Thumbnail Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and inc…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8737
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2047
|
- |
|
-
|
-
|
The Lucas String Replace plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and includ…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8734
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2048
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Roles & Capabilities plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and includ…
|
-
|
CVE-2024-8732
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2049
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Cron Jobs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.2.9.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8731
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2050
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Exit Notifier plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8730
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|