851
|
7.8 |
HIGH
Local
|
fortinet
|
forticlient
|
A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0 allows an attacker to run arbitrary code via DLL hijacking and socia…
|
CWE-426
Untrusted Search Path
|
CVE-2024-36507
|
2024-11-15 05:31 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
852
|
5.4 |
MEDIUM
Network
|
brandevolutionco
|
themeshark_templates_\&_widgets_for_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeShark ThemeShark Templates & Widgets for Elementor allows Stored XSS.This issue affec…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51597
|
2024-11-15 05:27 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
853
|
5.4 |
MEDIUM
Network
|
wpcirqle
|
bigmart_elements
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wpcirqle Bigmart Elements allows DOM-Based XSS.This issue affects Bigmart Elements: from n…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51589
|
2024-11-15 05:26 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
854
|
5.4 |
MEDIUM
Network
|
themehat
|
super_addons_for_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themehat Super Addons for Elementor allows DOM-Based XSS.This issue affects Super Addons f…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51588
|
2024-11-15 05:26 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
855
|
5.4 |
MEDIUM
Network
|
softfirm
|
definitive_addons_for_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Softfirm Definitive Addons for Elementor allows Stored XSS.This issue affects Definitive A…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51587
|
2024-11-15 05:26 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
856
|
5.4 |
MEDIUM
Network
|
bu
|
bu_slideshow
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Boston University (IS&T) BU Slideshow allows Stored XSS.This issue affects BU Slideshow: f…
|
CWE-79
Cross-site Scripting
|
CVE-2024-52351
|
2024-11-15 05:24 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
857
|
5.4 |
MEDIUM
Network
|
crm2go
|
crm2go
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CRM 2go allows DOM-Based XSS.This issue affects CRM 2go: from n/a through 1.0.
|
CWE-79
Cross-site Scripting
|
CVE-2024-52350
|
2024-11-15 05:22 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
858
|
6.8 |
MEDIUM
Physics
|
-
|
-
|
Windows USB Video Class System Driver Elevation of Privilege Vulnerability
|
CWE-125
Out-of-bounds Read
|
CVE-2024-43637
|
2024-11-15 05:15 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
859
|
8.1 |
HIGH
Network
|
-
|
-
|
LightGBM Remote Code Execution Vulnerability
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2024-43598
|
2024-11-15 05:15 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
860
|
8.1 |
HIGH
Network
|
ampache
|
ampache
|
Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating controlle…
|
CWE-352
Origin Validation Error
|
CVE-2024-51484
|
2024-11-15 05:14 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|