1981
|
9.8 |
CRITICAL
Network
caseproof
|
memberpress
|
Missing Authorization vulnerability in Caseproof, LLC Memberpress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Memberpress: from n/a through 1.11.34.
|
CWE-862
Missing Authorization
|
CVE-2024-43956
|
2024-11-9 05:41 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1982
|
5.3 |
MEDIUM
Network
humhub
|
humhub
|
Generation of Error Message Containing Sensitive Information in HumHub GmbH & Co. KG - HumHub on Linux allows: Excavation (user enumeration).This issue affects all released HumHub versions: through 1…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-52043
|
2024-11-9 05:39 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1983
|
8.1 |
HIGH
Network
|
heateor
|
super_socializer
|
The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.13.68. This is due to …
|
NVD-CWE-noinfo
|
CVE-2024-9946
|
2024-11-9 05:38 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1984
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
firewire: core: fix invalid port index for parent device
In a commit 24b7f8e5cd65 ("firewire: core: use helper functions for self…
|
NVD-CWE-noinfo
|
CVE-2024-50113
|
2024-11-9 05:37 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1985
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
x86/lam: Disable ADDRESS_MASKING in most cases
Linear Address Masking (LAM) has a weakness related to transient
execution as desc…
|
NVD-CWE-noinfo
|
CVE-2024-50112
|
2024-11-9 05:36 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1986
|
5.4 |
MEDIUM
Network
|
futuriowp
|
futurio_extra
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FuturioWP Futurio Extra allows Stored XSS.This issue affects Futurio Extra: from n/a throu…
|
CWE-79
Cross-site Scripting
|
CVE-2024-50446
|
2024-11-9 05:35 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1987
|
5.4 |
MEDIUM
Network
|
merkulove
|
selection_lite
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Merkulove Selection Lite allows Stored XSS.This issue affects Selection Lite: from n/a thr…
|
CWE-79
Cross-site Scripting
|
CVE-2024-50445
|
2024-11-9 05:35 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1988
|
5.4 |
MEDIUM
Network
|
cozythemes
|
cozy_blocks
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS.This issue affects Cozy Blocks: from n/a through …
|
CWE-79
Cross-site Scripting
|
CVE-2024-50441
|
2024-11-9 05:33 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1989
|
5.4 |
MEDIUM
Network
|
codepen
|
codepen
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Chris Coyier CodePen Embedded Pens Shortcode allows Stored XSS.This issue affects CodePen …
|
CWE-79
Cross-site Scripting
|
CVE-2024-50440
|
2024-11-9 05:33 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1990
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context
Unaligned access exception can be triggered in irq-enabled con…
|
NVD-CWE-noinfo
|
CVE-2024-50111
|
2024-11-9 05:32 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|