801
|
4.8 |
MEDIUM
Network
|
arelthiaphillips
|
add_widget_after_content
|
The Add Widget After Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.4.6 due to insufficient input sanitization an…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9892
|
2024-10-23 00:46 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
802
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
KEYS: prevent NULL pointer dereference in find_asymmetric_key()
In find_asymmetric_key(), if all NULLs are passed in the id_{0,1,…
New
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-47743
|
2024-10-23 00:45 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
803
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock
Use a dedicated mutex to guard kvm_usage_count to fix a pot…
New
|
CWE-667
Improper Locking
|
CVE-2024-47744
|
2024-10-23 00:44 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
804
|
5.3 |
MEDIUM
Network
vmware
|
spring_framework
|
The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase() has some Locale dependent exceptions that could potentially result in fields no…
Update
|
NVD-CWE-noinfo
|
CVE-2024-38820
|
2024-10-23 00:42 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
805
|
4.8 |
MEDIUM
Network
|
code-projects
|
pharmacy_management
|
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /manage_medicine.php of t…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-10199
|
2024-10-23 00:40 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
806
|
4.8 |
MEDIUM
Network
|
code-projects
|
pharmacy_management
|
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /manage_customer…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-10198
|
2024-10-23 00:39 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
807
|
4.8 |
MEDIUM
Network
|
heimkino-praxis
|
movie_database
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bert Kößler Movie Database allows Stored XSS.This issue affects Movie Database: from n/a t…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-43300
|
2024-10-23 00:35 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
808
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction i…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2023-20816
|
2024-10-23 00:35 |
2023-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
809
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction i…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2023-20815
|
2024-10-23 00:35 |
2023-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
810
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction i…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2023-20814
|
2024-10-23 00:35 |
2023-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|