|
1
|
- |
|
-
|
-
|
The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and kn…
New
|
-
|
CVE-2023-34049
|
2024-11-14 14:15 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2
|
- |
|
-
|
-
|
A Remote Code Execution vulnerability has been discovered in Sonatype Nexus Repository 2.
This issue affects Nexus Repository 2 OSS/Pro versions up to and including 2.15.1.
New
|
-
|
CVE-2024-5082
|
2024-11-14 12:15 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3
|
9.8 |
CRITICAL
Network
oretnom23
|
simple_music_cloud_community_system
|
A vulnerability classified as critical was found in SourceCodester Simple Music Cloud Community System 1.0. This vulnerability affects unknown code of the file /music/ajax.php?action=signup. The mani…
Update
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-11054
|
2024-11-14 11:43 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
4
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: cfg80211: clear wdev->cqm_config pointer on free
When we free wdev->cqm_config when unregistering, we also
need to clear ou…
Update
|
CWE-415
Double Free
|
CVE-2024-50235
|
2024-11-14 11:26 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlegacy: Clear stale interrupts before resuming device
iwl4965 fails upon resume from hibernation on my laptop. The reason…
Update
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2024-50234
|
2024-11-14 11:25 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6
|
5.4 |
MEDIUM
Network
|
wpza
|
amp_img_shortcode
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPZA AMP Img Shortcode allows Stored XSS.This issue affects AMP Img Shortcode: from n/a th…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-51576
|
2024-11-14 11:24 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
7
|
5.4 |
MEDIUM
Network
|
lucapaggetti
|
3d_presentation
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Luca Paggetti 3D Presentation allows Stored XSS.This issue affects 3D Presentation: from n…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-51578
|
2024-11-14 11:24 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
8
|
5.4 |
MEDIUM
Network
|
camunda
|
bpmn.io
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Camunda Services GmbH bpmn.Io allows Stored XSS.This issue affects bpmn.Io: from n/a throu…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-51577
|
2024-11-14 11:24 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
9
|
5.4 |
MEDIUM
Network
|
anasedreesi
|
marquee_elementor_with_posts
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Anas Edreesi Marquee Elementor with Posts allows DOM-Based XSS.This issue affects Marquee …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-51584
|
2024-11-14 11:23 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
10
|
5.4 |
MEDIUM
Network
|
pluginspoint
|
kento_ads_rotator
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in KentoThemes Kento Ads Rotator allows Stored XSS.This issue affects Kento Ads Rotator: from…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-51583
|
2024-11-14 11:17 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
