1081
|
- |
|
-
|
-
|
A flaw was found in the freeimage library. Processing a crafted image can cause a buffer over-read of 1 byte in the read_iptc_profile function in the Source/Metadata/IPTC.cpp file because the size of…
|
-
|
CVE-2024-9029
|
2024-09-30 21:46 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1082
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's osm_map and osm_map_v3 shortcodes in all versions up to, and including, 6.1.0 due to insuffi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8991
|
2024-09-30 21:46 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1083
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Grid widget in all versions up to, and including, 4.10.52 due to insufficient…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8681
|
2024-09-30 21:46 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1084
|
- |
|
-
|
-
|
The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating system to delete files without having proper permissi…
|
-
|
CVE-2024-7400
|
2024-09-30 21:46 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1085
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Absolute Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Name' field of a custom post criteria in all versions up to, and including, 1.1.3 due to insufficient i…
|
-
|
CVE-2024-8965
|
2024-09-30 21:46 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1086
|
8.8 |
HIGH
Network
|
-
|
-
|
The Product Enquiry for WooCommerce, WooCommerce product catalog plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.2.33.32 via deserialization of untr…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-8922
|
2024-09-30 21:46 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1087
|
- |
|
-
|
-
|
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks sufficient access controls allowing an unauthenticated user to disconnect the AI ChatBot with ChatGPT and …
|
-
|
CVE-2024-7714
|
2024-09-30 21:46 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1088
|
- |
|
-
|
-
|
CUPS is a standards-based, open-source printing system, and cups-filters provides backends, filters, and other software for CUPS 2.x to use on non-Mac OS systems. Any value passed to `FoomaticRIPComm…
|
CWE-77
Command Injection
|
CVE-2024-47177
|
2024-09-30 21:46 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1089
|
- |
|
-
|
-
|
CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creati…
|
CWE-20
Improper Input Validation
|
CVE-2024-47175
|
2024-09-30 21:46 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1090
|
- |
|
-
|
-
|
Sharp NEC Projectors (NP-CB4500UL, NP-CB4500WL, NP-CB4700UL, NP-P525UL, NP-P525UL+, NP-P525ULG, NP-P525ULJL, NP-P525WL, NP-P525WL+, NP-P525WLG, NP-P525WLJL, NP-CG6500UL, NP-CG6500WL, NP-CG6700UL, NP-…
|
-
|
CVE-2024-7011
|
2024-09-30 21:46 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|