2341
|
5.4 |
MEDIUM
Network
|
wpkoi
|
wpkoi_templates_for_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPKoi WPKoi Templates for Elementor allows Stored XSS.This issue affects WPKoi Templates f…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49679
|
2024-11-8 23:52 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2342
|
6.1 |
MEDIUM
Network
|
themoyles
|
church_admin
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Andy Moyle Church Admin allows Reflected XSS.This issue affects Church Admin: from n/a bef…
|
CWE-79
Cross-site Scripting
|
CVE-2024-50438
|
2024-11-8 23:52 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2343
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nvme-pci: fix race condition between reset and nvme_dev_disable()
nvme_dev_disable() modifies the dev->online_queues field, there…
|
CWE-362
Race Condition
|
CVE-2024-50135
|
2024-11-8 23:34 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2344
|
5.4 |
MEDIUM
Network
|
mycred
|
mycred_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in myCRED myCred Elementor allows Stored XSS.This issue affects myCred Elementor: from n/a th…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49702
|
2024-11-8 23:32 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2345
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Unregister notifier on eswitch init failure
It otherwise remains registered and a subsequent attempt at eswitch
enablin…
|
NVD-CWE-noinfo
|
CVE-2024-50136
|
2024-11-8 23:31 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2346
|
6.5 |
MEDIUM
Network
|
zte
|
zxr10_1800-2s_firmware zxr10_2800-4_firmware zxr10_3800-8_firmware zxr10_160_firmware
|
There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . An authenticated attacker could use the vulnerability to obtain sensitive information about the de…
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2024-22066
|
2024-11-8 23:31 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2347
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
reset: starfive: jh71x0: Fix accessing the empty member on JH7110 SoC
data->asserted will be NULL on JH7110 SoC since commit 8232…
|
NVD-CWE-noinfo
|
CVE-2024-50137
|
2024-11-8 23:29 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2348
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Use raw_spinlock_t in ringbuf
The function __bpf_ringbuf_reserve is invoked from a tracepoint, which
disables preemption. Us…
|
NVD-CWE-noinfo
|
CVE-2024-50138
|
2024-11-8 23:27 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2349
|
- |
|
-
|
-
|
During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a s…
|
-
|
CVE-2024-7784
|
2024-11-8 18:15 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2350
|
- |
|
-
|
-
|
Amin Aliakbari, member of the AXIS OS Bug Bounty Program, has found a broken access control which would lead to less-privileged operator- and/or viewer accounts having more privileges than designed. …
|
-
|
CVE-2024-6979
|
2024-11-8 18:15 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|