1001
|
5.3 |
MEDIUM
Network
neomutt mutt redhat
|
neomutt mutt enterprise_linux
|
In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info.
|
NVD-CWE-noinfo
|
CVE-2024-49395
|
2024-11-14 22:33 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1002
|
5.4 |
MEDIUM
Network
|
leevio
|
happy_addons_for_elementor
|
The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the before_label parameter in the Image Comparison widget in all versions up to, and including, 3.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10538
|
2024-11-14 22:27 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1003
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath11k: fix dfs radar event locking
The ath11k active pdevs are protected by RCU but the DFS radar event
handling code call…
|
-
|
CVE-2023-52798
|
2024-11-14 17:35 |
2024-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1004
|
9.8 |
CRITICAL
Network
oretnom23
|
simple_music_cloud_community_system
|
A vulnerability classified as critical was found in SourceCodester Simple Music Cloud Community System 1.0. This vulnerability affects unknown code of the file /music/ajax.php?action=signup. The mani…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-11054
|
2024-11-14 11:43 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1005
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: cfg80211: clear wdev->cqm_config pointer on free
When we free wdev->cqm_config when unregistering, we also
need to clear ou…
|
CWE-415
Double Free
|
CVE-2024-50235
|
2024-11-14 11:26 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1006
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlegacy: Clear stale interrupts before resuming device
iwl4965 fails upon resume from hibernation on my laptop. The reason…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2024-50234
|
2024-11-14 11:25 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1007
|
5.4 |
MEDIUM
Network
|
wpza
|
amp_img_shortcode
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPZA AMP Img Shortcode allows Stored XSS.This issue affects AMP Img Shortcode: from n/a th…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51576
|
2024-11-14 11:24 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1008
|
5.4 |
MEDIUM
Network
|
lucapaggetti
|
3d_presentation
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Luca Paggetti 3D Presentation allows Stored XSS.This issue affects 3D Presentation: from n…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51578
|
2024-11-14 11:24 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1009
|
5.4 |
MEDIUM
Network
|
camunda
|
bpmn.io
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Camunda Services GmbH bpmn.Io allows Stored XSS.This issue affects bpmn.Io: from n/a throu…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51577
|
2024-11-14 11:24 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1010
|
5.4 |
MEDIUM
Network
|
anasedreesi
|
marquee_elementor_with_posts
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Anas Edreesi Marquee Elementor with Posts allows DOM-Based XSS.This issue affects Marquee …
|
CWE-79
Cross-site Scripting
|
CVE-2024-51584
|
2024-11-14 11:23 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|