331
|
- |
|
-
|
-
|
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. OpenC3 COSMOS stores the password of a user unencrypted in the LocalStorage of …
New
|
-
|
CVE-2024-47529
|
2024-10-3 05:15 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
332
|
- |
|
-
|
-
|
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. A path traversal vulnerability inside of LocalMode's open_local_file method all…
New
|
CWE-22
Path Traversal
|
CVE-2024-46977
|
2024-10-3 05:15 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
333
|
- |
|
-
|
-
|
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. The login functionality contains a reflected cross-site scripting (XSS) vulnera…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-43795
|
2024-10-3 05:15 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
334
|
- |
|
-
|
-
|
CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. …
Update
|
CWE-1327
|
CVE-2024-47176
|
2024-10-3 05:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
335
|
- |
|
-
|
-
|
RSSHub is an RSS network. Prior to commit 64e00e7, RSSHub's `docker-test-cont.yml` workflow is vulnerable to Artifact Poisoning, which could have lead to a full repository takeover. Downstream users …
Update
|
CWE-20
Improper Input Validation
|
CVE-2024-47179
|
2024-10-3 05:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
336
|
6.5 |
MEDIUM
Network
|
cisco
|
ios_xe ios
|
A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affec…
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-20414
|
2024-10-3 05:02 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
337
|
7.2 |
HIGH
Network
|
prisna
|
google_website_translator
|
The Prisna GWT – Google Website Translator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.11 via deserialization of untrusted input from the 'pri…
Update
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-8514
|
2024-10-3 04:59 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
338
|
5.4 |
MEDIUM
Network
|
themexclub
|
oneelements
|
The OneElements – Best Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.3.7 due to insufficient input sa…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9068
|
2024-10-3 04:55 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
339
|
5.4 |
MEDIUM
Network
|
devfarm
|
wp_gpx_maps
|
The WP GPX Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sgpx' shortcode in all versions up to, and including, 1.7.08 due to insufficient input sanitization…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9028
|
2024-10-3 04:45 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
340
|
5.4 |
MEDIUM
Network
|
wpzoom
|
wpzoom_shortcodes
|
The WPZOOM Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'box' shortcode in all versions up to, and including, 1.0.5 due to insufficient input sanitiza…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9027
|
2024-10-3 04:42 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|