291
|
7.5 |
HIGH
Network
wireshark
|
wireshark
|
GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file
Update
|
NVD-CWE-Other
|
CVE-2024-0208
|
2024-10-9 03:58 |
2024-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
292
|
7.5 |
HIGH
Network
wireshark
|
wireshark
|
DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file
Update
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2024-0211
|
2024-10-9 03:57 |
2024-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
293
|
6.1 |
MEDIUM
Network
|
themes4wp
|
popularis_extra
|
The Popularis Extra plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9353
|
2024-10-9 03:50 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
294
|
5.4 |
MEDIUM
Network
|
iworks
|
pwa
|
The PWA — easy way to Progressive Web App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8967
|
2024-10-9 03:47 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
295
|
7.5 |
HIGH
Network
cisco
|
meraki_mx65_firmware meraki_mx64_firmware meraki_z4c_firmware meraki_z4_firmware meraki_z3c_firmware meraki_z3_firmware meraki_vmx_firmware meraki_mx600_firmware meraki_mx450_…
|
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on …
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-20502
|
2024-10-9 03:46 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
296
|
6.5 |
MEDIUM
Network
|
soplanning
|
soplanning
|
SQL injection vulnerability in SOPlanning <1.45, via /soplanning/www/user_groupes.php in the by parameter, which could allow a remote user to submit a specially crafted query, allowing an attacker to…
New
|
CWE-89
SQL Injection
|
CVE-2024-9574
|
2024-10-9 03:45 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
297
|
6.5 |
MEDIUM
Network
|
soplanning
|
soplanning
|
SQL injection vulnerability in SOPlanning <1.45, through /soplanning/www/groupe_list.php, in the by parameter, which could allow a remote user to send a specially crafted query and extract all the in…
New
|
CWE-89
SQL Injection
|
CVE-2024-9573
|
2024-10-9 03:45 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
298
|
5.4 |
MEDIUM
Network
|
soplanning
|
soplanning
|
Cross-Site Scripting (XSS) vulnerability in SOPlanning <1.45, due to lack of proper validation of user input via /soplanning/www/process/groupe_save.php, in the groupe_id parameter. This could allow …
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9572
|
2024-10-9 03:45 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
299
|
5.4 |
MEDIUM
Network
|
soplanning
|
soplanning
|
Cross-Site Scripting (XSS) vulnerability in SOPlanning <1.45, due to lack of proper validation of user input via /soplanning/www/process/xajax_server.php, affecting multiple parameters. This could al…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9571
|
2024-10-9 03:45 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
300
|
5.9 |
MEDIUM
Network
|
cisco
|
meraki_mx65_firmware meraki_mx64_firmware meraki_z4c_firmware meraki_z4_firmware meraki_z3c_firmware meraki_z3_firmware meraki_vmx_firmware meraki_mx600_firmware meraki_mx450_…
|
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN …
Update
|
CWE-362
Race Condition
|
CVE-2024-20509
|
2024-10-9 03:45 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|