11
|
- |
|
-
|
-
|
Sharp and Toshiba Tec MFPs provide the web page to download data, where query parameters in HTTP requests are improperly processed and resulting in an Out-of-bounds Read vulnerability.
Crafted HTTP …
New
|
-
|
CVE-2024-45829
|
2024-10-25 18:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
12
|
- |
|
-
|
-
|
Sharp and Toshiba Tec MFPs improperly process HTTP request headers, resulting in an Out-of-bounds Read vulnerability.
Crafted HTTP requests may cause affected products crashed.
New
|
-
|
CVE-2024-43424
|
2024-10-25 18:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
13
|
- |
|
-
|
-
|
Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages.
Crafted HTTP requests may…
New
|
-
|
CVE-2024-42420
|
2024-10-25 18:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
14
|
6.1 |
MEDIUM
Network
|
wpfactory
|
eu\/uk_vat_manager_for_woocommerce
|
: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WPFactory EU/UK VAT Manager for WooCommerce allows Cross-Site Scripting (XSS).This issue affects EU/UK…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-44061
|
2024-10-25 18:15 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
15
|
5.4 |
MEDIUM
Network
|
-
|
-
|
The WPS Telegram Chat plugin for WordPress is vulnerable to authorization bypass due to a missing capability check when accessing messages in versions up to, and including, 4.5.4. This makes it possi…
New
|
CWE-862
Missing Authorization
|
CVE-2024-9630
|
2024-10-25 17:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
16
|
6.3 |
MEDIUM
Network
|
-
|
-
|
The WPS Telegram Chat plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the 'Wps_Telegram_Chat_Admin::check?onnection' func…
New
|
CWE-862
Missing Authorization
|
CVE-2024-9628
|
2024-10-25 17:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
17
|
8.8 |
HIGH
Network
|
-
|
-
|
The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.99.1. This is due to missing or incorrect nonce va…
New
|
CWE-352
Origin Validation Error
|
CVE-2024-9598
|
2024-10-25 17:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
18
|
- |
|
-
|
-
|
N-LINE 2.0.6 and prior versions contain a code injection vulnerability. If this vulnerability is exploited, arbitrary code may be executed on the instructor's browser, or the instructor may be direct…
New
|
-
|
CVE-2024-47158
|
2024-10-25 17:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
19
|
- |
|
-
|
-
|
MUSASI version 3 contains an issue with use of client-side authentication. If this vulnerability is exploited, other users' credential and sensitive information may be retrieved.
New
|
-
|
CVE-2024-45785
|
2024-10-25 17:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
20
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The League of Legends Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.0.1 due to insufficient input sanitization and ou…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-10342
|
2024-10-25 17:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|