2331
|
9.1 |
CRITICAL
Network
qualcomm
|
wsa8845h_firmware wsa8845_firmware wsa8840_firmware wsa8835_firmware wsa8832_firmware wsa8830_firmware wsa8815_firmware wsa8810_firmware wcn7881_firmware wcn7880_firmware
|
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
|
NVD-CWE-noinfo
|
CVE-2024-38408
|
2024-11-9 00:07 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2332
|
6.1 |
MEDIUM
Network
|
flycart
|
discount_rules_for_woocommerce
|
The Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, BOGO Coupons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of a…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8541
|
2024-11-9 00:07 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2333
|
8.8 |
HIGH
Network
|
ibm
|
watson_studio_local
|
IBM Watson Studio Local 1.2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
|
CWE-352
Origin Validation Error
|
CVE-2024-49340
|
2024-11-9 00:06 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2334
|
4.6 |
MEDIUM
Network
|
apache
|
nifi
|
Apache NiFi 1.10.0 through 1.27.0 and 2.0.0-M1 through 2.0.0-M3 support a description field for Parameters in a Parameter Context configuration that is vulnerable to cross-site scripting. An authenti…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45477
|
2024-11-9 00:03 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2335
|
7.2 |
HIGH
Network
|
davidlingren
|
media_library_assistant
|
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in David Lingren Media Library Assistant allows Command Injection.This issue affects Media Lib…
|
CWE-78
OS Command
|
CVE-2024-51661
|
2024-11-9 00:02 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2336
|
4.6 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 fail to sanitize user inputs in the frontend that are used for redirection which allows for a one-click client-side path travers…
|
CWE-352
Origin Validation Error
|
CVE-2024-46872
|
2024-11-9 00:00 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2337
|
6.1 |
MEDIUM
Network
|
latex2html
|
latex2html
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Van Abel LaTeX2HTML allows Reflected XSS.This issue affects LaTeX2HTML: from n/a through 2…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49673
|
2024-11-8 23:57 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2338
|
6.1 |
MEDIUM
Network
|
samglover
|
client_power_tools
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sam Glover Client Power Tools Portal allows Reflected XSS.This issue affects Client Power …
|
CWE-79
Cross-site Scripting
|
CVE-2024-49670
|
2024-11-8 23:57 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2339
|
5.4 |
MEDIUM
Network
|
affiliatexblocks
|
affiliatex
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AffiliateX allows Stored XSS.This issue affects AffiliateX: from n/a through 1.2.9.
|
CWE-79
Cross-site Scripting
|
CVE-2024-49692
|
2024-11-8 23:55 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2340
|
5.4 |
MEDIUM
Network
|
brainstormforce
|
astra_widgets
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainstorm Force Astra Widgets allows Stored XSS.This issue affects Astra Widgets: from n/…
|
CWE-79
Cross-site Scripting
|
CVE-2024-50439
|
2024-11-8 23:53 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|