|
319041
|
- |
|
-
|
-
|
The UsersWP WordPress plugin before 1.2.12 uses predictable filenames when an admin generates an export, which could allow unauthenticated attackers to download them and retrieve sensitive informati…
|
-
|
CVE-2024-6477
|
2024-09-7 02:35 |
2024-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319042
|
7.2 |
HIGH
Network
|
teamt5
|
threatsonar_anti-ransomware
|
ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can upload malicious files, w…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-7694
|
2024-09-7 02:24 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319043
|
5.4 |
MEDIUM
Network
|
wpextended
|
wp_extended
|
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.0.8 via the duplicate_post function due…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-8123
|
2024-09-7 02:20 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319044
|
6.1 |
MEDIUM
Network
|
cisco
|
unified_communications_manager
|
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could a…
|
CWE-79
Cross-site Scripting
|
CVE-2024-20488
|
2024-09-7 02:18 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319045
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-45294. Reason: This candidate is a duplicate of CVE-2024-45294. Notes: All CVE users should reference CVE-2024-452…
|
-
|
CVE-2024-45295
|
2024-09-7 02:15 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319046
|
- |
|
-
|
-
|
The HL7 FHIR Core Artifacts repository provides the java core object handling code, with utilities (including validator), for the Fast Healthcare Interoperability Resources (FHIR) specification. Prio…
|
-
|
CVE-2024-45294
|
2024-09-7 02:15 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319047
|
9.8 |
CRITICAL
Network
|
mozilla
|
thunderbird
firefox_esr
firefox
|
Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-8387
|
2024-09-7 02:15 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319048
|
9.8 |
CRITICAL
Network
|
mozilla
|
firefox
firefox_esr
|
A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. This vulnerability affects Firefox < 130, Firefox ESR < 128.2…
|
CWE-843
Type Confusion
|
CVE-2024-8385
|
2024-09-7 02:15 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319049
|
9.8 |
CRITICAL
Network
|
mozilla
|
firefox_esr
firefox
|
The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulner…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-8384
|
2024-09-7 02:15 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319050
|
9.8 |
CRITICAL
Network
|
mozilla
|
firefox_esr
firefox
|
A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. This vulnerability affects Firefox < 130, Firefox ESR < …
|
CWE-843
Type Confusion
|
CVE-2024-8381
|
2024-09-7 02:15 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
