|
2001
|
6.1 |
MEDIUM
Network
|
manzurulhaque
|
banner_slider
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Manzurul Haque Banner Slider allows Reflected XSS.This issue affects Banner Slider: from n…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49635
|
2024-11-1 00:27 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2002
|
5.3 |
MEDIUM
Network
hcltech
|
sametime
|
HCL Sametime is impacted by the error messages containing sensitive information. An attacker can use this information to launch another, more focused attack.
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2023-50355
|
2024-11-1 00:18 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2003
|
7.5 |
HIGH
Network
mozilla
|
thunderbird
firefox
|
An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR <…
|
CWE-416
Use After Free
|
CVE-2024-10459
|
2024-11-1 00:16 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2004
|
4.3 |
MEDIUM
Network
|
rockoa
|
xinhu
|
RockOA v2.6.5 is vulnerable to Directory Traversal in webmain/system/beifen/beifenAction.php.
|
CWE-22
Path Traversal
|
CVE-2024-48213
|
2024-11-1 00:09 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2005
|
7.5 |
HIGH
Network
mozilla
|
thunderbird
firefox
|
A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, T…
|
NVD-CWE-noinfo
|
CVE-2024-10458
|
2024-11-1 00:03 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2006
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
vrf: revert "vrf: Remove unnecessary RCU-bh critical section"
This reverts commit 504fc6f4f7f681d2a03aa5f68aad549d90eab853.
dev_…
|
CWE-667
Improper Locking
|
CVE-2024-49980
|
2024-10-31 23:58 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2007
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
iommu/vt-d: Fix PCI device refcount leak in has_external_pci()
for_each_pci_dev() is implemented by pci_get_device(). The comment…
|
NVD-CWE-Other
|
CVE-2022-49000
|
2024-10-31 23:56 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2008
|
6.1 |
MEDIUM
Network
|
foxskav
|
bet_wc_2018_russia
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Foxskav Bet WC 2018 Russia allows Reflected XSS.This issue affects Bet WC 2018 Russia: fro…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49637
|
2024-10-31 23:52 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2009
|
6.1 |
MEDIUM
Network
|
prashantmavinkurve
|
agile_video_player_lite
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Prashant Mavinkurve Agile Video Player Lite allows Reflected XSS.This issue affects Agile …
|
CWE-79
Cross-site Scripting
|
CVE-2024-49636
|
2024-10-31 23:51 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2010
|
4.3 |
MEDIUM
Network
|
hitachienergy
|
tro610_firmware
tro620_firmware
tro670_firmware
|
Profile files from TRO600 series radios are extracted in plain-text
and encrypted file formats. Profile files provide potential attackers
valuable configuration information about the Tropos network. …
|
CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
|
CVE-2024-41156
|
2024-10-31 23:49 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
