|
313751
|
6.5 |
MEDIUM
Adjacent
|
enelx
|
waybox_pro_firmware
|
In certain conditions a request directed to the Waybox Enel X Web management application could cause a denial-of-service (e.g. reboot).
|
NVD-CWE-noinfo
|
CVE-2023-29115
|
2024-11-9 01:08 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313752
|
5.4 |
MEDIUM
Network
|
xplodedthemes
|
xt_floating_cart_for_woocommerce
|
The XT Floating Cart for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.8.2 due to insufficient input sanit…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9178
|
2024-11-9 01:03 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313753
|
5.4 |
MEDIUM
Network
|
bdthemes
|
element_pack
|
The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Open Map Widget'…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9867
|
2024-11-9 01:00 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313754
|
5.4 |
MEDIUM
Network
|
bdthemes
|
element_pack
|
The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tooltip' paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9657
|
2024-11-9 01:00 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313755
|
4.3 |
MEDIUM
Network
|
g5plus
|
ultimate_bootstrap_elements_for_elementor
|
The Ultimate Bootstrap Elements for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the 'ube_get_page_templates' functio…
|
NVD-CWE-noinfo
|
CVE-2024-10329
|
2024-11-9 00:59 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313756
|
7.3 |
HIGH
Network
|
tickera
|
tickera
|
The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.5.4.4. This is due to the software allowing users t…
|
CWE-94
Code Injection
|
CVE-2024-10263
|
2024-11-9 00:59 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313757
|
4.3 |
MEDIUM
Network
|
themeum
|
wp_crowdfunding
|
Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Crowdfunding: from n/a through 2.1.10.
|
CWE-862
Missing Authorization
|
CVE-2024-43937
|
2024-11-9 00:57 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313758
|
5.3 |
MEDIUM
Network
|
combodo
|
itop
|
Combodo iTop is a simple, web based IT Service Management tool. Unauthenticated user can perform users enumeration, which can make it easier to bruteforce a valid account. As a fix the sentence displ…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-51739
|
2024-11-9 00:56 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313759
|
4.1 |
MEDIUM
Network
|
nvidia
|
nvidia_container_toolkit
nvidia_gpu_operator
|
NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name …
|
NVD-CWE-Other
|
CVE-2024-0134
|
2024-11-9 00:53 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313760
|
6.1 |
MEDIUM
Network
|
hashicorp
|
consul
|
A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and …
|
CWE-79
Cross-site Scripting
|
CVE-2024-10086
|
2024-11-9 00:49 |
2024-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
