401
|
- |
|
-
|
-
|
Improper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access.
Update
|
-
|
CVE-2024-47976
|
2024-10-18 07:15 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
402
|
- |
|
-
|
-
|
Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially control the performance of the resource.
Update
|
-
|
CVE-2024-47972
|
2024-10-18 07:15 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
403
|
6.1 |
MEDIUM
Network
|
wpsofts
|
portfolio_gallery\ _product_catalog_-_grid_kit_portfolio
|
The grid-kit-premium WordPress plugin before 2.2.0 does not escape some parameters as well as generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which coul…
Update
|
-
|
CVE-2023-3292
|
2024-10-18 06:35 |
2023-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
404
|
7.5 |
HIGH
Network
apache
|
ofbiz
|
Arbitrary file reading vulnerability in Apache Software Foundation Apache OFBiz when using the Solr plugin. This is a
pre-authentication attack.
This issue affects Apache OFBiz: before 18.12.07.
Update
|
CWE-22
Path Traversal
|
CVE-2022-47501
|
2024-10-18 06:35 |
2023-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
405
|
6.5 |
MEDIUM
Network
|
addify
|
order_tracking_for_woocommerce order_approval_for_woocommerce image_watermark_for_woocommerce gift_registry_for_woocommerce advanced_free_gifts custom_registration_forms_builder cus…
|
The Checkout Fields Manager WordPress plugin before 1.0.2, Abandoned Cart Recovery WordPress plugin before 1.2.5, Custom Fields for WooCommerce WordPress plugin before 1.0.4, Custom Order Number Word…
Update
|
-
|
CVE-2022-4888
|
2024-10-18 06:35 |
2023-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
406
|
9.1 |
CRITICAL
Network
apache
|
linkis
|
In Apache Linkis <=1.3.1, due to the default token generated by Linkis Gateway deployment being too simple, it is easy for attackers to obtain the default token for the attack. Generation rules shou…
Update
|
CWE-326
Inadequate Encryption Strength
|
CVE-2023-27987
|
2024-10-18 06:35 |
2023-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
407
|
- |
|
microsoft
|
remote_desktop_connection_client windows_2003_server windows_server_2003 windows_xp windows_7 windows_server_2008 windows_vista
|
Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working dir…
Update
|
NVD-CWE-Other
|
CVE-2011-0029
|
2024-10-18 06:35 |
2011-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
408
|
- |
|
microsoft
|
windows_server_2008 windows_xp windows_7 windows_vista windows_server_2003 windows_2003_server
|
Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Windo…
Update
|
CWE-399
Resource Management Errors
|
CVE-2010-3941
|
2024-10-18 06:35 |
2010-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
409
|
- |
|
microsoft
|
sharepoint_services sharepoint_server internet_explorer
|
Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoin…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2010-3243
|
2024-10-18 06:35 |
2010-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
410
|
- |
|
microsoft
|
windows_server_2008 windows_xp windows_vista windows_server_2003 windows_2003_server
|
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 do not properly validate us…
Update
|
CWE-20
Improper Input Validation
|
CVE-2010-1896
|
2024-10-18 06:35 |
2010-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|