|
931
|
5.5 |
MEDIUM
Local
|
huawei
|
emui
harmonyos
|
Input validation vulnerability in the USB service module
Impact: Successful exploitation of this vulnerability may affect availability.
|
NVD-CWE-noinfo
|
CVE-2024-47290
|
2024-10-1 23:19 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
932
|
4.8 |
MEDIUM
Network
|
10web
|
form_maker
|
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.15.27 due to insuf…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8633
|
2024-10-1 23:17 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
933
|
5.4 |
MEDIUM
Network
|
advancedfilemanager
|
advanced_file_manager
|
Multiple plugins and/or themes for WordPress are vulnerable to Limited File Upload in various versions. This is due to a lack of proper checks to ensure lower-privileged roles cannot upload .css and …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-8725
|
2024-10-1 23:16 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
934
|
- |
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
-
|
CVE-2024-46839
|
2024-10-1 23:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
935
|
7.2 |
HIGH
Network
|
advancedfilemanager
|
advanced_file_manager
|
The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 5.2.8 via the 'fma_locale' parameter. This makes it possible for …
|
CWE-22
Path Traversal
|
CVE-2024-8704
|
2024-10-1 23:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
936
|
7.5 |
HIGH
Network
redhat
|
keycloak
single_sign-on
|
A denial of service vulnerability was found in keycloak where the amount of attributes per object is not limited,an attacker by sending repeated HTTP requests could cause a resource exhaustion when t…
|
NVD-CWE-noinfo
|
CVE-2023-6841
|
2024-10-1 23:15 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
937
|
6.1 |
MEDIUM
Network
|
redhat
|
build_of_keycloak
keycloak
|
An open redirect vulnerability was found in Keycloak. A specially crafted URL can be constructed where the referrer and referrer_uri parameters are made to trick a user to visit a malicious webpage. …
|
CWE-601
Open Redirect
|
CVE-2024-7260
|
2024-10-1 23:15 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
938
|
7.4 |
HIGH
Local
|
redhat
fedoraproject
|
shim
fedora
|
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value …
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2023-40548
|
2024-10-1 23:15 |
2024-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
939
|
8.8 |
HIGH
Network
|
advancedfilemanager
|
advanced_file_manager
|
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the 'class_fma_connector.php' file in all versions up to, and including, 5.2.8. This makes it possible for a…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-8126
|
2024-10-1 23:14 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
940
|
5.4 |
MEDIUM
Network
|
alefypimentel
|
gf_custom_style
|
The GF Custom Style plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.0 due to insufficient input sanitization and output …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9173
|
2024-10-1 23:12 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
