|
311031
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses
Commit 50c6dbdfd16e ("x86/ioremap: Improve iounm…
|
NVD-CWE-noinfo
|
CVE-2024-50107
|
2024-11-9 06:27 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311032
|
7.2 |
HIGH
Network
|
netgear
|
ex3700_firmware
|
Netgear EX3700 ' AC750 WiFi Range Extender Essentials Edition before 1.0.0.98 contains an authenticated command injection in operating_mode.cgi via the ap_mode parameter with ap_24g_manual set to 1 a…
|
CWE-77
Command Injection
|
CVE-2024-35522
|
2024-11-9 06:25 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311033
|
7.2 |
HIGH
Network
|
netgear
|
xr1000_firmware
|
Netgear XR1000 v1.0.0.64 is vulnerable to command injection in usb_remote_smb_conf.cgi via the share_name parameter.
|
CWE-77
Command Injection
|
CVE-2024-35517
|
2024-11-9 06:24 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311034
|
7.5 |
HIGH
Network
|
everestthemes
|
everest_backup
|
The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.13 via …
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2024-10028
|
2024-11-9 06:21 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311035
|
6.1 |
MEDIUM
Network
|
westguardsolutions
|
ws_form
|
The WS Form LITE – Drag & Drop Contact Form Builder for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping …
|
CWE-79
Cross-site Scripting
|
CVE-2024-10647
|
2024-11-9 06:20 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311036
|
4.3 |
MEDIUM
Network
|
tumult
|
tumult_hype_animations
|
The Tumult Hype Animations plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hypeanimations_getcontent function in all versions up to, and inc…
|
CWE-862
Missing Authorization
|
CVE-2024-10543
|
2024-11-9 06:19 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311037
|
5.3 |
MEDIUM
Network
|
martinvalchev
|
video_gallery_for_woocommerce
|
The Video Gallery for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the remove_unused_thumbnails() function in all versions …
|
CWE-862
Missing Authorization
|
CVE-2024-10535
|
2024-11-9 06:19 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311038
|
8.1 |
HIGH
Network
|
heateor
|
social_login
|
The Heateor Social Login WordPress plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.1.35. This is due to insufficient verification on the user being…
|
NVD-CWE-noinfo
|
CVE-2024-10020
|
2024-11-9 06:19 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311039
|
5.3 |
MEDIUM
Network
|
theinnovs
|
eleforms
|
The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on several functions in all v…
|
CWE-862
Missing Authorization
|
CVE-2024-6626
|
2024-11-9 06:18 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311040
|
9.8 |
CRITICAL
Network
|
fortinet
|
fortimanager_cloud
fortimanager
|
A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-47575
|
2024-11-9 06:16 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
