|
1071
|
7.2 |
HIGH
Network
|
wavlink
|
wn530h4_firmware
wn530hg4_firmware
wn572hg3_firmware
|
A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. Affected is the function set_ipv6 of the file internet.cgi. The manipulation of the arg…
Update
|
CWE-77
Command Injection
|
CVE-2024-10429
|
2024-11-14 02:58 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1072
|
7.2 |
HIGH
Network
|
wavlink
|
wn530h4_firmware
wn530hg4_firmware
wn572hg3_firmware
|
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been rated as critical. This issue affects the function set_ipv6 of the file firewall.cgi. The manipulation …
Update
|
CWE-77
Command Injection
|
CVE-2024-10428
|
2024-11-14 02:57 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1073
|
4.3 |
MEDIUM
Network
|
jenkins
|
jenkins
|
Jenkins 2.478 and earlier, LTS 2.462.2 and earlier does not redact multi-line secret values in error messages generated for form submissions involving the `secretTextarea` form field.
Update
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-47803
|
2024-11-14 02:45 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1074
|
5.4 |
MEDIUM
Network
|
mappresspro
|
mappress
|
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the width and height parameters in all versions up to, and including, 2.88.16 due to insufficient…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2023-7225
|
2024-11-14 02:43 |
2024-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1075
|
9.8 |
CRITICAL
Network
mappresspro
|
mappress
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Chris Richardson MapPress Maps for WordPress mappress-google-maps-for-wordpress allows SQL Inject…
Update
|
CWE-89
SQL Injection
|
CVE-2023-26015
|
2024-11-14 02:43 |
2023-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1076
|
5.4 |
MEDIUM
Network
|
mappresspro
|
mappress
|
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'mappress' shortcode in versions up to, and including, 2.88.4 due to insufficient input sanitizat…
Update
|
-
|
CVE-2023-4840
|
2024-11-14 02:43 |
2023-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1077
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Add rough attr alloc_size check
Update
|
NVD-CWE-noinfo
|
CVE-2024-50246
|
2024-11-14 02:38 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1078
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nvmet-auth: assign dh_key to NULL after kfree_sensitive
ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup()…
Update
|
CWE-415
Double Free
|
CVE-2024-50215
|
2024-11-14 02:35 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1079
|
- |
|
-
|
-
|
MENDELSON AS4 before 2024 B376 has a client-side vulnerability when a trading partner provides prepared XML data. When a victim opens the details of this transaction in the client, files can be writt…
Update
|
-
|
CVE-2024-39334
|
2024-11-14 02:35 |
2024-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1080
|
7.5 |
HIGH
Network
jenkins
|
credentials
|
Jenkins Credentials Plugin 1380.va_435002fa_924 and earlier, except 1371.1373.v4eb_fa_b_7161e9, does not redact encrypted values of credentials using the `SecretBytes` type when accessing item `confi…
Update
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-47805
|
2024-11-14 02:32 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
