|
312971
|
8.8 |
HIGH
Network
|
-
|
-
|
The MultiPurpose theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.0 via deserialization of untrusted input through the 'wpeden_post_meta' post meta.…
|
-
|
CVE-2024-7486
|
2024-08-8 11:15 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312972
|
8.5 |
HIGH
Network
|
-
|
-
|
An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2024-38206
|
2024-08-8 11:15 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312973
|
8.2 |
HIGH
Network
|
-
|
-
|
An unauthenticated attacker can exploit improper neutralization of input during web page generation in Microsoft Dynamics 365 to spoof over a network by tricking a user to click on a link.
|
CWE-79
Cross-site Scripting
|
CVE-2024-38166
|
2024-08-8 11:15 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312974
|
- |
|
-
|
-
|
Format string vulnerability in vsybase.c in vpopmail 5.4.2 and earlier has unknown impact and attack vectors. NOTE: in a followup post, it was observed that the source code used constants that, when…
|
NVD-CWE-Other
|
CVE-2004-2238
|
2024-08-8 11:15 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312975
|
- |
|
gnu
|
less
|
Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings …
|
NVD-CWE-Other
|
CVE-2004-2264
|
2024-08-8 11:15 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312976
|
- |
|
microsoft
|
windows_2000
windows_2003_server
windows_xp
|
Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kernel memory via the NtSystemDebugControl f…
|
NVD-CWE-Other
|
CVE-2004-2339
|
2024-08-8 11:15 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312977
|
- |
|
apache
|
http_server
|
Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. …
|
NVD-CWE-Other
|
CVE-2004-2343
|
2024-08-8 11:15 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312978
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some records of user activity even after uninstalling, which allows local users who share a Windows profile to view the records after a…
|
NVD-CWE-Other
|
CVE-2004-2657
|
2024-08-8 11:15 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312979
|
- |
|
zonelabs
|
zonealarm
|
Zone Alarm Pro 1.0 through 5.1 gives full access to %windir%\Internet Logs\* to the EVERYONE group, which allows local users to cause a denial of service by modifying the folder contents or permissio…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2004-2713
|
2024-08-8 11:15 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312980
|
- |
|
nessus
|
nessus
|
Nessus 2.0.10a stores account passwords in plaintext in .nessusrc files, which allows local users to obtain passwords. NOTE: the original researcher reports that the vendor has disputed this issue
|
CWE-255
Credentials Management
|
CVE-2004-2722
|
2024-08-8 11:15 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
