|
312901
|
5.4 |
MEDIUM
Network
|
wpvibes
|
elementor_addon_elements
|
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.13.6 due to insufficient input sanitization…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7122
|
2024-09-3 23:41 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312902
|
- |
|
-
|
-
|
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make imp…
|
-
|
CVE-2024-3655
|
2024-09-3 23:35 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312903
|
6.3 |
MEDIUM
Network
|
maxfoundry
|
media_library_folders
|
The Media Library Folders plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several AJAX functions in the media-library-plus.php file in all versions up to…
|
CWE-862
Missing Authorization
|
CVE-2024-7858
|
2024-09-3 23:34 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312904
|
8.8 |
HIGH
Network
|
codection
|
clean_login
|
The Clean Login plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.14.5 via the 'template' attribute of the clean-login-register shortcode. This makes …
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2024-8252
|
2024-09-3 23:31 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312905
|
6.1 |
MEDIUM
Network
|
wpbookingcalendar
|
wp_booking_calendar
|
The WP Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via several parameters from 'timeline_obj' in all versions up to, and including, 10.5 due to insufficient …
|
CWE-79
Cross-site Scripting
|
CVE-2024-8274
|
2024-09-3 23:28 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312906
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
sched: Fix yet more sched_fork() races
Where commit 4ef0c5c6b5ba ("kernel/sched: Fix sched_fork() access an
invalid sched_task_gr…
|
NVD-CWE-noinfo
|
CVE-2022-48944
|
2024-09-3 23:26 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312907
|
9.8 |
CRITICAL
Network
|
openrapid
|
rapidcms
|
A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. It has been classified as critical. This affects an unknown part of the file /admin/user/user-move-run.php. The manipulation of the argume…
|
CWE-89
SQL Injection
|
CVE-2024-8331
|
2024-09-3 23:25 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312908
|
9.8 |
CRITICAL
Network
|
master-nan
|
sweet-cms
|
A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been declared as critical. This vulnerability affects unknown code of the file /table/index. T…
|
CWE-89
SQL Injection
|
CVE-2024-8332
|
2024-09-3 23:23 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312909
|
- |
|
-
|
-
|
A vulnerability classified as problematic was found in Grocy up to 4.2.0. This vulnerability affects unknown code of the file /api/files/recipepictures/ of the component SVG File Upload Handler. The …
|
CWE-79
Cross-site Scripting
|
CVE-2024-8370
|
2024-09-3 23:15 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312910
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: usb: qmi_wwan: fix memory leak for not ip packets
Free the unused skb when not ip packets arrive.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-43861
|
2024-09-3 22:45 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
