|
313061
|
8.8 |
HIGH
Network
|
ithemelandco
|
woocommerce_report
|
The WooCommerce Report plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.1. This is due to missing or incorrect nonce validation on the settin…
|
CWE-352
Origin Validation Error
|
CVE-2024-10711
|
2024-11-8 02:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313062
|
8.1 |
HIGH
Network
|
wpwebelite
|
woocommerce_-_social_login
|
The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.7.7. This is due to insufficient verification on the user being retu…
|
NVD-CWE-noinfo
|
CVE-2024-10114
|
2024-11-8 02:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313063
|
5.5 |
MEDIUM
Local
|
huawei
|
harmonyos
|
Vulnerability of parameter type not being verified in the WantAgent module
Impact: Successful exploitation of this vulnerability may affect availability.
|
NVD-CWE-noinfo
|
CVE-2024-51512
|
2024-11-8 02:03 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313064
|
5.5 |
MEDIUM
Local
|
huawei
|
harmonyos
|
Vulnerability of parameter type not being verified in the WantAgent module
Impact: Successful exploitation of this vulnerability may affect availability.
|
NVD-CWE-noinfo
|
CVE-2024-51511
|
2024-11-8 02:03 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313065
|
5.5 |
MEDIUM
Local
|
huawei
|
harmonyos
emui
|
Out-of-bounds access vulnerability in the logo module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-51510
|
2024-11-8 02:03 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313066
|
- |
|
-
|
-
|
Use of Default Credentials vulnerability in Maruti Suzuki SmartPlay on Linux (Infotainment Hub modules) allows attacker to try common or default usernames and passwords.The issue was detected on a 20…
|
-
|
CVE-2024-6245
|
2024-11-8 01:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313067
|
6.5 |
MEDIUM
Network
|
mongodb
|
mongodb
|
prepareUnique index may cause secondaries to crash due to incorrect enforcement of index constraints on secondaries, where in extreme cases may cause multiple secondaries crashing leading to no prima…
|
NVD-CWE-Other
|
CVE-2024-8305
|
2024-11-8 00:38 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313068
|
6.1 |
MEDIUM
Network
|
klokantech
|
maptiler_tileserver_gl
|
A vulnerability was found in Klokan MapTiler tileserver-gl 2.3.1 and classified as problematic. This issue affects some unknown processing of the component URL Handler. The manipulation of the argume…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10503
|
2024-11-8 00:30 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313069
|
7.5 |
HIGH
Network
|
nginxui
|
nginx_ui
|
Nginx UI is a web user interface for the Nginx web server. Nginx UI v2.0.0-beta.35 and earlier gets the value from the json field without verification, and can construct a value value in the form of …
|
CWE-22
Path Traversal
|
CVE-2024-49366
|
2024-11-8 00:15 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313070
|
7.5 |
HIGH
Network
|
nginxui
|
nginx_ui
|
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.0.0-beta.36, the log path of nginxui is controllable. This issue can be combined with the directory traversal at `/api/co…
|
CWE-862
Missing Authorization
|
CVE-2024-49367
|
2024-11-7 23:57 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
