1171
|
- |
|
-
|
-
|
The Starbox WordPress plugin before 3.5.3 does not properly render social media profiles URLs in certain contexts, like the malicious user's profile or pages where the starbox shortcode is used, whi…
|
-
|
CVE-2024-8239
|
2024-10-1 23:35 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1172
|
5.3 |
MEDIUM
Network
perforce
|
akana_api
|
In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML integrations
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-5250
|
2024-10-1 23:33 |
2024-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1173
|
5.4 |
MEDIUM
Network
|
garrettgrimm
|
simple_popup_plugin
|
The Simple Popup Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [popup] shortcode in all versions up to, and including, 4.5 due to insufficient input saniti…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8547
|
2024-10-1 23:32 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1174
|
9.8 |
CRITICAL
Network
givewp
|
givewp
|
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1 via deserialization of untrusted input vi…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-8353
|
2024-10-1 23:31 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1175
|
7.5 |
HIGH
Network
huawei
|
harmonyos emui
|
Access permission verification vulnerability in the App Multiplier module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
NVD-CWE-noinfo
|
CVE-2024-9136
|
2024-10-1 23:28 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1176
|
7.5 |
HIGH
Network
huawei
|
emui harmonyos
|
Access permission verification vulnerability in the input method framework module
Impact: Successful exploitation of this vulnerability may affect availability.
|
NVD-CWE-noinfo
|
CVE-2024-47294
|
2024-10-1 23:27 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1177
|
7.5 |
HIGH
Network
perforce
|
akana_api
|
In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed.
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2024-5249
|
2024-10-1 23:26 |
2024-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1178
|
7.5 |
HIGH
Network
huawei
|
harmonyos emui
|
Out-of-bounds write vulnerability in the HAL-WIFI module
Impact: Successful exploitation of this vulnerability may affect availability.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-47293
|
2024-10-1 23:25 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1179
|
5.5 |
MEDIUM
Local
|
huawei
|
emui harmonyos
|
Path traversal vulnerability in the Bluetooth module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
CWE-22
Path Traversal
|
CVE-2024-47292
|
2024-10-1 23:23 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1180
|
5.5 |
MEDIUM
Local
|
huawei
|
emui harmonyos
|
Permission vulnerability in the ActivityManagerService (AMS) module
Impact: Successful exploitation of this vulnerability may affect availability.
|
NVD-CWE-noinfo
|
CVE-2024-47291
|
2024-10-1 23:19 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|