|
314561
|
6.1 |
MEDIUM
Network
|
techbanker
|
captcha_bank
|
The WordPress Captcha Plugin by Captcha Bank plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versio…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9375
|
2024-10-11 05:44 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314562
|
5.4 |
MEDIUM
Network
|
wpblockshub
|
wp_blocks_hub
|
The WP Blocks Hub plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9372
|
2024-10-11 05:36 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314563
|
5.4 |
MEDIUM
Network
|
miguelmello
|
aggregator_advanced_settings
|
The Aggregator Advanced Settings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.1 due to insufficient input sanitizat…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9368
|
2024-10-11 05:30 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314564
|
6.1 |
MEDIUM
Network
|
michaeluno
|
auto_amazon_links
|
The Auto Amazon Links – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9349
|
2024-10-11 05:25 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314565
|
9.8 |
CRITICAL
Network
|
dlink
|
dir-860l_firmware
|
In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can caus…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-42812
|
2024-10-11 05:18 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314566
|
6.1 |
MEDIUM
Network
|
angeljudesuarez
|
placement_management_system
|
itsourcecode Placement Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Full Name field in registration.php.
|
CWE-79
Cross-site Scripting
|
CVE-2024-46300
|
2024-10-11 03:52 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314567
|
4.9 |
MEDIUM
Network
|
google
|
android
|
In wlan driver, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with System execution privileges needed. User interaction is …
|
CWE-125
Out-of-bounds Read
|
CVE-2024-20102
|
2024-10-11 03:20 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314568
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ALSA: line6: Fix racy access to midibuf
There can be concurrent accesses to line6 midibuf from both the URB
completion callback a…
|
CWE-362
Race Condition
|
CVE-2024-44954
|
2024-10-11 03:02 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314569
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Don't refer to dc_sink in is_dsc_need_re_compute
[Why]
When unplug one of monitors connected after mst hub, enco…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-44955
|
2024-10-11 02:57 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314570
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
sched/smt: Fix unbalance sched_smt_present dec/inc
I got the following warn report while doing stress test:
jump label: negative…
|
NVD-CWE-noinfo
|
CVE-2024-44958
|
2024-10-11 02:56 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
