441
|
- |
|
-
|
-
|
In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.
|
-
|
CVE-2024-39432
|
2024-09-27 17:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
442
|
- |
|
-
|
-
|
In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed.
|
-
|
CVE-2024-39431
|
2024-09-27 17:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
443
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button Group module in all versions up to, and including, 2.8.3.6 due to…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9049
|
2024-09-27 16:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
444
|
- |
|
-
|
-
|
A flaw was found in freeimage library. Processing a crafted image can cause a buffer over-read of 1 byte in the read_iptc_profile function in the Source/Metadata/IPTC.cpp file because the size of the…
|
-
|
CVE-2024-9029
|
2024-09-27 16:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
445
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's osm_map and osm_map_v3 shortcodes in all versions up to, and including, 6.1.0 due to insuffi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8991
|
2024-09-27 16:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
446
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Grid widget in all versions up to, and including, 4.10.52 due to insufficient…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8681
|
2024-09-27 16:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
447
|
- |
|
-
|
-
|
The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating system to delete files without having proper permissi…
|
-
|
CVE-2024-7400
|
2024-09-27 16:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
448
|
7.2 |
HIGH
Network
|
-
|
-
|
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter in all versions up to, and including, 3.16.1 due to insu…
|
CWE-89
SQL Injection
|
CVE-2024-9130
|
2024-09-27 15:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
449
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Absolute Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Name' field of a custom post criteria in all versions up to, and including, 1.1.3 due to insufficient i…
|
-
|
CVE-2024-8965
|
2024-09-27 15:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
450
|
8.8 |
HIGH
Network
|
-
|
-
|
The Product Enquiry for WooCommerce, WooCommerce product catalog plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.2.33.32 via deserialization of untr…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-8922
|
2024-09-27 15:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|