1451
|
5.3 |
MEDIUM
Network
bplugins
|
html5_video_player
|
The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple functions called via the 'h5…
|
CWE-862
Missing Authorization
|
CVE-2024-7727
|
2024-09-19 03:07 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1452
|
9.8 |
CRITICAL
Network
spip
|
spip
|
SPIP before 4.3.2, 4.2.16, and
4.1.18 is vulnerable to a command injection issue. A
remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipar…
|
NVD-CWE-Other
|
CVE-2024-8517
|
2024-09-19 03:05 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1453
|
4.3 |
MEDIUM
Network
|
bplugins
|
html5_video_player
|
The HTML5 Video Player – mp4 Video Player Plugin and Block plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_password' function in…
|
CWE-862
Missing Authorization
|
CVE-2024-7721
|
2024-09-19 03:01 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1454
|
7.8 |
HIGH
Local
|
ivanti
|
workspace_control
|
An authentication bypass weakness in the message broker service of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-8012
|
2024-09-19 02:53 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1455
|
7.8 |
HIGH
Local
|
ivanti
|
workspace_control
|
DLL hijacking in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges and achieve arbitrary code execution.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-44107
|
2024-09-19 02:52 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1456
|
7.8 |
HIGH
Local
|
ivanti
|
workspace_control
|
Insufficient server-side controls in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to escalate their privileges.
|
NVD-CWE-Other
|
CVE-2024-44106
|
2024-09-19 02:50 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1457
|
7.8 |
HIGH
Local
|
ivanti
|
workspace_control
|
Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to obtain OS credentials.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2024-44105
|
2024-09-19 02:48 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1458
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
spi: uniphier: fix reference count leak in uniphier_spi_probe()
The issue happens in several error paths in uniphier_spi_probe().…
|
NVD-CWE-Other
|
CVE-2022-48723
|
2024-09-19 02:46 |
2024-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1459
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
The Power Fault Detected bit in the Slot Status register differs f…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2021-47617
|
2024-09-19 02:46 |
2024-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1460
|
7.8 |
HIGH
Local
|
ivanti
|
workspace_control
|
An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated …
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2024-44104
|
2024-09-19 02:33 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|