811
|
7.5 |
HIGH
Network
mozilla debian
|
firefox debian_linux
|
When the number of cookies per domain was exceeded in `document.cookie`, the actual cookie jar sent to the host was no longer consistent with expected cookie jar state. This could have caused request…
Update
|
NVD-CWE-noinfo
|
CVE-2023-4055
|
2024-10-23 00:35 |
2023-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
812
|
8.8 |
HIGH
Network
|
sermonaudio
|
sermonaudio_widgets
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dan Alexander SermonAudio Widgets allows SQL Injection.This issue affects SermonAudio Widgets: fr…
Update
|
CWE-89
SQL Injection
|
CVE-2024-49614
|
2024-10-23 00:34 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
813
|
8.8 |
HIGH
Network
|
lodelgeraldo
|
simple_code_insert_shortcode
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lodel Geraldo Simple Code Insert Shortcode allows SQL Injection.This issue affects Simple Code In…
Update
|
CWE-89
SQL Injection
|
CVE-2024-49613
|
2024-10-23 00:29 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
814
|
6.3 |
MEDIUM
Network
|
dell
|
secure_connect_gateway
|
Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. A local attacker with low privileges can access the file system and could potentially exploit this vuln…
Update
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-47240
|
2024-10-23 00:28 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
815
|
6.1 |
MEDIUM
Network
|
madrasthemes
|
mas_companies_for_wp_job_manager
|
The MAS Companies For WP Job Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9206
|
2024-10-23 00:27 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
816
|
4.3 |
MEDIUM
Network
|
smackcoders
|
sendgrid
|
The SendGrid for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wp_mailplus_clear_logs' function in all versions up to, and includ…
Update
|
CWE-862
Missing Authorization
|
CVE-2024-9364
|
2024-10-23 00:26 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
817
|
5.4 |
MEDIUM
Network
|
tychesoftwares
|
arconix_shortcodes
|
The Arconix Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'button' shortcode in all versions up to, and including, 2.1.12 due to insufficient input san…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9703
|
2024-10-23 00:25 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
818
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE)
Lack of check for copy-on-write (COW) mapping in drm_gem_shmem_mm…
Update
|
-
|
CVE-2024-39497
|
2024-10-23 00:15 |
2024-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
819
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: fix potential key use-after-free
When ieee80211_key_link() is called by ieee80211_gtk_rekey_add()
but returns 0 d…
Update
|
-
|
CVE-2023-52530
|
2024-10-23 00:15 |
2024-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
820
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
udf: Fix bogus checksum computation in udf_rename()
Syzbot reports uninitialized memory access in udf_rename() when updating
chec…
Update
|
-
|
CVE-2024-43845
|
2024-10-23 00:15 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|