41
|
- |
|
-
|
-
|
Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the req…
New
|
CWE-345 CWE-348
Insufficient Verification of Data Authenticity Use of Less Trusted Source
|
CVE-2024-45410
|
2024-09-20 08:15 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
42
|
- |
|
-
|
-
|
Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation (CNCF) as an Incubating Level Project. Dragonfly uses JWT …
New
|
CWE-321
Use of Hard-coded Cryptographic Key
|
CVE-2023-27584
|
2024-09-20 08:15 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
43
|
6.3 |
MEDIUM
Network
|
microsoft
|
edge_chromium
|
Microsoft Edge (HTML-based) Memory Corruption Vulnerability
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-38207
|
2024-09-20 07:15 |
2024-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
44
|
7.8 |
HIGH
Local
|
microsoft
|
edge_chromium
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2024-38210
|
2024-09-20 07:15 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
45
|
7.8 |
HIGH
Local
|
microsoft
|
edge_chromium
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Update
|
CWE-843
Type Confusion
|
CVE-2024-38209
|
2024-09-20 07:15 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
46
|
6.1 |
MEDIUM
Network
|
microsoft
|
edge
|
Microsoft Edge for Android Spoofing Vulnerability
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-38208
|
2024-09-20 07:15 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
47
|
5.4 |
MEDIUM
Network
|
averta
|
auxinportfolio
|
The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'aux_recent_portfolios_grid' shortcode in all versions up to, and inc…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-1384
|
2024-09-20 07:13 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
48
|
5.4 |
MEDIUM
Network
|
wpbeaveraddons
|
powerpack_lite_for_beaver_builder
|
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘type’ parameter in all versions up to, and including, 2.8.3.5 due to insufficien…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-7895
|
2024-09-20 07:13 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
49
|
7.5 |
HIGH
Network
squirrly
|
wp_seo_plugin
|
The Premium SEO Pack – WP SEO Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.001. This makes it possible for unauthenticated att…
Update
|
NVD-CWE-noinfo
|
CVE-2024-3679
|
2024-09-20 07:10 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
50
|
5.4 |
MEDIUM
Network
|
funnelkit
|
funnel_builder
|
The FunnelKit Funnel Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'allow_iframe_tag_in_post' function which uses the 'wp_kses_allowed_html' filter to globally…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-1056
|
2024-09-20 07:06 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|