2021
|
4.8 |
MEDIUM
Adjacent
|
google
|
nearby
|
There exists a vulnerability in Quick Share/Nearby, where an attacker can force a victim to stay connected to a temporary hotspot created for the sharing. As part of the sequence of packets in a Quic…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2024-38271
|
2024-09-25 04:29 |
2024-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2022
|
9.8 |
CRITICAL
Network
wptaskforce
|
track_\&_trace
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPTaskForce WPCargo Track & Trace allows SQL Injection.This issue affects WPCargo Track & Trace: …
|
CWE-89
SQL Injection
|
CVE-2024-44004
|
2024-09-25 04:22 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2023
|
6.1 |
MEDIUM
Network
|
webhammer
|
wp_custom_fields_search
|
Cross-site scripting (XSS) vulnerability in the Webhammer WP Custom Fields Search plugin 0.3.28 for WordPress allows remote attackers to inject arbitrary JavaScript via the cs-all-0 parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2017-9419
|
2024-09-25 04:18 |
2017-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2024
|
5.4 |
MEDIUM
Network
|
posimyth
|
the_plus_addons_for_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows Stored XSS.This issue affe…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43977
|
2024-09-25 04:17 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2025
|
6.1 |
MEDIUM
Network
|
couchbase
|
couchbase_server
|
Couchbase Server 7.6.x before 7.6.2, 7.2.x before 7.2.6, and all earlier versions allows HTTP Host header injection.
|
CWE-74
Injection
|
CVE-2024-25673
|
2024-09-25 04:08 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2026
|
5.5 |
MEDIUM
Local
|
apple
|
macos ipados iphone_os visionos tvos watchos
|
A logic error was addressed with improved error handling. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS So…
|
NVD-CWE-noinfo
|
CVE-2024-44183
|
2024-09-25 04:04 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2027
|
2.4 |
LOW
Physics
|
apple
|
iphone_os ipados
|
The issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to access contacts from the lock screen.
|
NVD-CWE-noinfo
|
CVE-2024-44180
|
2024-09-25 04:04 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2028
|
5.5 |
MEDIUM
Local
|
apple
|
macos ipados iphone_os
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app …
|
NVD-CWE-noinfo
|
CVE-2024-44184
|
2024-09-25 04:03 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2029
|
6.5 |
MEDIUM
Network
|
apple
|
macos safari
|
The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing.
|
NVD-CWE-noinfo
|
CVE-2024-40866
|
2024-09-25 04:02 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2030
|
5.5 |
MEDIUM
Local
|
apple
|
macos iphone_os ipados
|
This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to access sensitive user data.
|
CWE-59
Link Following
|
CVE-2024-44131
|
2024-09-25 04:01 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|