601
|
- |
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu W3P SEO allows Stored XSS.This issue affects W3P SEO: from n/a before 1.8.6.
|
CWE-352
Origin Validation Error
|
CVE-2024-51684
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
602
|
- |
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in FraudLabs Pro FraudLabs Pro SMS Verification allows Stored XSS.This issue affects FraudLabs Pro SMS Verification: from n/a through 1.10.1.
|
CWE-352
Origin Validation Error
|
CVE-2024-51688
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
603
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
|
CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
|
CVE-2024-49025
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
604
|
- |
|
-
|
-
|
A malicious server can crash the OpenAFS cache manager and other client
utilities, and possibly execute arbitrary code.
|
-
|
CVE-2024-10397
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
605
|
- |
|
-
|
-
|
An authenticated user can provide a malformed ACL to the fileserver's StoreACL
RPC, causing the fileserver to crash, possibly expose uninitialized memory, and
possibly store garbage data in the audit…
|
-
|
CVE-2024-10396
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
606
|
- |
|
-
|
-
|
A local user can bypass the OpenAFS PAG (Process Authentication Group)
throttling mechanism in Unix clients, allowing the user to create a PAG using
an existing id number, effectively joining the PAG…
|
-
|
CVE-2024-10394
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
607
|
- |
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in Hive Support Hive Support – WordPress Help Desk allows Upload a Web Shell to a Web Server.This issue affects Hive Support – WordPress …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-52370
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
608
|
- |
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in Optimal Access Inc. KBucket allows Upload a Web Shell to a Web Server.This issue affects KBucket: from n/a through 4.1.6.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-52369
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
609
|
- |
|
-
|
-
|
In lunary-ai/lunary version 1.2.7, there is a lack of rate limiting on the forgot password page, leading to an email bombing vulnerability. Attackers can exploit this by automating forgot password re…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-3760
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
610
|
- |
|
-
|
-
|
Giskard is an evaluation and testing framework for AI systems. A Remote Code Execution (ReDoS) vulnerability was discovered in Giskard component by the GitHub Security Lab team. When processing datas…
|
-
|
CVE-2024-52524
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|