|
121
|
6.1 |
MEDIUM
Network
|
glpi-project
|
glpi
|
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-45609
|
2024-11-20 06:22 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
122
|
5.5 |
MEDIUM
Local
|
adobe
|
audition
|
Audition versions 23.6.9, 24.4.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to by…
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2024-49536
|
2024-11-20 06:21 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
123
|
6.1 |
MEDIUM
Network
|
tripetto
|
tripetto
|
The Tripetto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via File uploads in all versions up to, and including, 8.0.3 due to insufficient input sanitization and output escaping.…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-10260
|
2024-11-20 06:20 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
124
|
4.3 |
MEDIUM
Network
|
smartwpress
|
music_player_for_elementor
|
The Music Player for Elementor – Audio Player & Podcast Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the import_mpfe_template() …
Update
|
CWE-862
Missing Authorization
|
CVE-2024-10582
|
2024-11-20 06:17 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
125
|
6.1 |
MEDIUM
Network
|
melapress
|
wp_activity_log
|
The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user_id parameter in all versions up to, and including, 5.2.1 due to insufficient input sanitization and …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-10793
|
2024-11-20 06:13 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
126
|
6.1 |
MEDIUM
Network
|
glpi-project
|
glpi
|
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An unauthenticated user can provide a malicious link…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-45610
|
2024-11-20 06:07 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
127
|
5.4 |
MEDIUM
Network
|
glpi-project
|
glpi
|
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can bypass the access control …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-45611
|
2024-11-20 05:57 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
128
|
8.1 |
HIGH
Network
|
microsoft
|
windows_server_2022
|
Windows SMBv3 Server Remote Code Execution Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-43447
|
2024-11-20 05:52 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
129
|
5.9 |
MEDIUM
Network
|
microsoft
|
windows_server_2025
windows_11_22h2
windows_11_23h2
windows_server_2022_23h2
windows_11_24h2
|
Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-38264
|
2024-11-20 05:52 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
130
|
7.5 |
HIGH
Network
|
microsoft
|
windows_server_2008
windows_server_2012
windows_server_2025
windows_server_2019
windows_server_2022
windows_server_2022_23h2
windows_server_2016
|
Windows DNS Spoofing Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-43450
|
2024-11-20 05:49 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
