|
311991
|
4.8 |
MEDIUM
Network
|
themegrill
|
himalayas
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeGrill Himalayas allows Stored XSS.This issue affects Himalayas: from n/a through 1.3.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-39629
|
2024-09-12 02:35 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311992
|
4.8 |
MEDIUM
Network
|
imagely
|
nextgen_gallery
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Imagely NextGEN Gallery allows Stored XSS.This issue affects NextGEN Gallery: from n/a thr…
|
CWE-79
Cross-site Scripting
|
CVE-2024-39627
|
2024-09-12 02:35 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311993
|
8.8 |
HIGH
Network
|
nvidia
|
mellanox_os
onyx
skyway
metrox-3_xc
metrox-2
|
NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where an attacker can cause a CGI path traversal by a specially crafted URI. A successful exploit of thi…
|
CWE-22
Path Traversal
|
CVE-2024-0113
|
2024-09-12 02:34 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311994
|
6.1 |
MEDIUM
Network
|
metagauss
|
registrationmagic
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in RegistrationMagic Forms RegistrationMagic allows Stored XSS.This issue affects Registratio…
|
CWE-79
Cross-site Scripting
|
CVE-2024-39643
|
2024-09-12 02:33 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311995
|
5.4 |
MEDIUM
Network
|
modernaweb
|
black_widgets_for_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Modernaweb Studio Black Widgets For Elementor allows Stored XSS.This issue affects Black W…
|
CWE-79
Cross-site Scripting
|
CVE-2024-39644
|
2024-09-12 02:31 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311996
|
6.1 |
MEDIUM
Local
|
nvidia
|
cv-cuda
|
NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python APIs where a user may cause an uncontrolled resource consumption issue by a long running CV-CUDA Python p…
|
NVD-CWE-noinfo
|
CVE-2024-0115
|
2024-09-12 02:24 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311997
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior to 17.1.6, 17.2 prior to 17.2.4, and 17.3 prior to 17.3.1. A denial of service could occur upon import…
|
NVD-CWE-noinfo
|
CVE-2024-8041
|
2024-09-12 01:54 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311998
|
6.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab EE affecting all versions starting 17.0 to 17.1.6, 17.2 prior to 17.2.4, and 17.3 prior to 17.3.1 allows an attacker to execute arbitrary command in a victim's pipel…
|
CWE-77
Command Injection
|
CVE-2024-7110
|
2024-09-12 01:52 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311999
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab CE/EE affecting all versions starting from 8.2 prior to 17.1.6 starting from 17.2 prior to 17.2.4, and starting from 17.3 prior to 17.3.1, which allows an attacker t…
|
NVD-CWE-noinfo
|
CVE-2024-6502
|
2024-09-12 01:49 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312000
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op()
In zynq_qspi_exec_mem_op(), kzalloc() is directly u…
|
CWE-476
NULL Pointer Dereference
|
CVE-2021-4441
|
2024-09-12 01:43 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
