|
313961
|
5.5 |
MEDIUM
Local
|
logitech
|
options\+
|
Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within Options+ runtime and abuse permissions granted by the user to Options+ such as Camera.
|
CWE-863
Incorrect Authorization
|
CVE-2024-8011
|
2024-09-12 03:15 |
2024-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313962
|
5.3 |
MEDIUM
Network
|
purevpn
|
purevpn
|
PureVPN Linux client 2.0.2-Productions fails to properly handle DNS queries, allowing them to bypass the VPN tunnel and be sent directly to the ISP or default DNS servers.
|
NVD-CWE-noinfo
|
CVE-2023-48957
|
2024-09-12 03:07 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313963
|
5.4 |
MEDIUM
Network
|
sap
|
netweaver_application_server_abap
|
SAP NetWeaver Application Server ABAP allows
an unauthenticated attacker to craft a URL link that could bypass allowlist
controls. Depending on the web applications provided by this server, the
…
|
NVD-CWE-noinfo
|
CVE-2024-41732
|
2024-09-12 02:52 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313964
|
4.3 |
MEDIUM
Network
|
sap
|
business_objects_business_intelligence_platform
|
SAP BusinessObjects Business Intelligence
Platform allows an authenticated attacker to upload malicious code over the
network, that could be executed by the application. On successful exploitation,
t…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-41731
|
2024-09-12 02:48 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313965
|
5.4 |
MEDIUM
Network
|
wpeka
|
wp_adcenter
|
The WP AdCenter – Ad Manager & Adsense Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ad_alignment’ attribute in all versions up to, and including, 2.5.6 due to insuff…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8317
|
2024-09-12 02:46 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313966
|
4.3 |
MEDIUM
Network
|
wpshuffle
|
frontend_post_submission_manager
|
The Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_glo…
|
CWE-862
Missing Authorization
|
CVE-2024-8427
|
2024-09-12 02:41 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313967
|
8.8 |
HIGH
Network
|
nvidia
|
mlnx-os
mlnx-gw
onyx
nvda-os_xc
|
NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in the LDAP AAA component, where a user can cause improper access. A successful exploit of this vulnerability might …
|
NVD-CWE-Other
|
CVE-2024-0104
|
2024-09-12 02:40 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313968
|
4.8 |
MEDIUM
Network
|
themegrill
|
himalayas
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeGrill Himalayas allows Stored XSS.This issue affects Himalayas: from n/a through 1.3.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-39629
|
2024-09-12 02:35 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313969
|
4.8 |
MEDIUM
Network
|
imagely
|
nextgen_gallery
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Imagely NextGEN Gallery allows Stored XSS.This issue affects NextGEN Gallery: from n/a thr…
|
CWE-79
Cross-site Scripting
|
CVE-2024-39627
|
2024-09-12 02:35 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313970
|
8.8 |
HIGH
Network
|
nvidia
|
mellanox_os
onyx
skyway
metrox-3_xc
metrox-2
|
NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where an attacker can cause a CGI path traversal by a specially crafted URI. A successful exploit of thi…
|
CWE-22
Path Traversal
|
CVE-2024-0113
|
2024-09-12 02:34 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
