|
481
|
5.9 |
MEDIUM
Network
|
-
|
-
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
|
CWE-416
Use After Free
|
CVE-2024-49023
|
2024-10-18 10:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
482
|
5.9 |
MEDIUM
Network
|
-
|
-
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2024-43587
|
2024-10-18 10:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
483
|
- |
|
-
|
-
|
A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).
|
-
|
CVE-2024-40711
|
2024-10-18 10:00 |
2024-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
484
|
9.8 |
CRITICAL
Network
haxx
fedoraproject
netapp
microsoft
|
libcurl
fedora
oncommand_workflow_automation
oncommand_insight
active_iq_unified_manager
windows_10_22h2
windows_11_21h2
windows_11_22h2
windows_11_23h2
windows_10_1809
…
|
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy
handshake.
When curl is asked to pass along the host name to the SOCKS5 proxy to allow
that to resolve the address instead of it…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-38545
|
2024-10-18 07:35 |
2023-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
485
|
- |
|
-
|
-
|
Improper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access.
|
-
|
CVE-2024-47976
|
2024-10-18 07:15 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
486
|
- |
|
-
|
-
|
Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially control the performance of the resource.
|
-
|
CVE-2024-47972
|
2024-10-18 07:15 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
487
|
6.1 |
MEDIUM
Network
|
wpsofts
|
portfolio_gallery\
_product_catalog_-_grid_kit_portfolio
|
The grid-kit-premium WordPress plugin before 2.2.0 does not escape some parameters as well as generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which coul…
|
-
|
CVE-2023-3292
|
2024-10-18 06:35 |
2023-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
488
|
7.5 |
HIGH
Network
apache
|
ofbiz
|
Arbitrary file reading vulnerability in Apache Software Foundation Apache OFBiz when using the Solr plugin. This is a
pre-authentication attack.
This issue affects Apache OFBiz: before 18.12.07.
|
CWE-22
Path Traversal
|
CVE-2022-47501
|
2024-10-18 06:35 |
2023-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
489
|
6.5 |
MEDIUM
Network
|
addify
|
order_tracking_for_woocommerce
order_approval_for_woocommerce
image_watermark_for_woocommerce
gift_registry_for_woocommerce
advanced_free_gifts
custom_registration_forms_builder
cus…
|
The Checkout Fields Manager WordPress plugin before 1.0.2, Abandoned Cart Recovery WordPress plugin before 1.2.5, Custom Fields for WooCommerce WordPress plugin before 1.0.4, Custom Order Number Word…
|
-
|
CVE-2022-4888
|
2024-10-18 06:35 |
2023-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
490
|
9.1 |
CRITICAL
Network
apache
|
linkis
|
In Apache Linkis <=1.3.1, due to the default token generated by Linkis Gateway deployment being too simple, it is easy for attackers to obtain the default token for the attack. Generation rules shou…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2023-27987
|
2024-10-18 06:35 |
2023-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
