141
|
5.4 |
MEDIUM
Network
|
garrettgrimm
|
simple_popup_plugin
|
The Simple Popup Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [popup] shortcode in all versions up to, and including, 4.5 due to insufficient input saniti…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8547
|
2024-10-1 23:32 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
142
|
9.8 |
CRITICAL
Network
givewp
|
givewp
|
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1 via deserialization of untrusted input vi…
Update
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-8353
|
2024-10-1 23:31 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
143
|
7.5 |
HIGH
Network
huawei
|
harmonyos emui
|
Access permission verification vulnerability in the App Multiplier module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Update
|
NVD-CWE-noinfo
|
CVE-2024-9136
|
2024-10-1 23:28 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
144
|
7.5 |
HIGH
Network
huawei
|
emui harmonyos
|
Access permission verification vulnerability in the input method framework module
Impact: Successful exploitation of this vulnerability may affect availability.
Update
|
NVD-CWE-noinfo
|
CVE-2024-47294
|
2024-10-1 23:27 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
145
|
7.5 |
HIGH
Network
perforce
|
akana_api
|
In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed.
Update
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2024-5249
|
2024-10-1 23:26 |
2024-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
146
|
7.5 |
HIGH
Network
huawei
|
harmonyos emui
|
Out-of-bounds write vulnerability in the HAL-WIFI module
Impact: Successful exploitation of this vulnerability may affect availability.
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-47293
|
2024-10-1 23:25 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
147
|
5.5 |
MEDIUM
Local
|
huawei
|
emui harmonyos
|
Path traversal vulnerability in the Bluetooth module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Update
|
CWE-22
Path Traversal
|
CVE-2024-47292
|
2024-10-1 23:23 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
148
|
5.5 |
MEDIUM
Local
|
huawei
|
emui harmonyos
|
Permission vulnerability in the ActivityManagerService (AMS) module
Impact: Successful exploitation of this vulnerability may affect availability.
Update
|
NVD-CWE-noinfo
|
CVE-2024-47291
|
2024-10-1 23:19 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
149
|
5.5 |
MEDIUM
Local
|
huawei
|
emui harmonyos
|
Input validation vulnerability in the USB service module
Impact: Successful exploitation of this vulnerability may affect availability.
Update
|
NVD-CWE-noinfo
|
CVE-2024-47290
|
2024-10-1 23:19 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
150
|
4.8 |
MEDIUM
Network
|
10web
|
form_maker
|
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.15.27 due to insuf…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8633
|
2024-10-1 23:17 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|