241
|
5.5 |
MEDIUM
Local
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Update
|
-
|
CVE-2024-42308
|
2024-10-9 23:15 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
242
|
5.5 |
MEDIUM
Local
|
microsoft
|
telemetry_dashboard
|
Telemetry Dashboard v1.0.0.8 for Dell ThinOS 2402 contains a sensitive information disclosure vulnerability. An unauthenticated user with local access to the device could exploit this vulnerability l…
Update
|
NVD-CWE-noinfo
|
CVE-2024-30472
|
2024-10-9 23:12 |
2024-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
243
|
8.8 |
HIGH
Network
|
apple webkitgtk
|
macos iphone_os safari ipados webkitgtk\+
|
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web content may lead…
Update
|
CWE-416
Use After Free
|
CVE-2022-42826
|
2024-10-9 23:11 |
2023-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
244
|
8.8 |
HIGH
Local
|
vmware
|
esxi cloud_foundation
|
VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2022-31696
|
2024-10-9 23:05 |
2022-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
245
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
parisc: fix a possible DMA corruption
ARCH_DMA_MINALIGN was defined as 16 - this is too small - it may be
possible that two unrel…
Update
|
NVD-CWE-noinfo
|
CVE-2024-44949
|
2024-10-9 22:53 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
246
|
6.1 |
MEDIUM
Network
|
sir
|
gnuboard
|
Gnuboard 5.55 and 5.56 is vulnerable to Cross Site Scripting (XSS) via bbs/member_confirm.php.
Update
|
CWE-79
Cross-site Scripting
|
CVE-2022-30050
|
2024-10-9 22:46 |
2022-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
247
|
8.8 |
HIGH
Network
|
apple webkitgtk
|
safari watchos iphone_os ipados macos tvos webkitgtk
|
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Safari 15.3, macOS Monterey 12.2. Processing maliciously…
Update
|
CWE-416
Use After Free
|
CVE-2022-22590
|
2024-10-9 22:40 |
2022-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
248
|
5.4 |
MEDIUM
Network
|
lunary
|
lunary
|
In lunary-ai/lunary versions 1.2.2 through 1.2.25, an improper access control vulnerability allows users on the Free plan to invite other members and assign them any role, including those intended fo…
Update
|
CWE-862
Missing Authorization
|
CVE-2024-5127
|
2024-10-9 22:38 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
249
|
- |
|
bold-themes
|
bold_page_builder
|
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Icon Link in all versions up to, and including, 4.8.0 due to insufficient input sanitization a…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-1160
|
2024-10-9 22:30 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
250
|
7.2 |
HIGH
Network
|
sygnoos
|
popup_builder
|
The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a request to it, which could allow users with the administrator role to perform SSRF attack in Multisite Wo…
Update
|
CWE-22 CWE-918
Path Traversal Server-Side Request Forgery (SSRF)
|
CVE-2023-6294
|
2024-10-9 22:24 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|