|
313511
|
9.8 |
CRITICAL
Network
|
weechat
|
weechat
|
WeeChat before 4.4.2 has an integer overflow and resultant buffer overflow at core/core-string.c when there are more than two billion items in a list. This affects string_free_split_shared , string_f…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-46613
|
2024-11-20 06:35 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313512
|
- |
|
-
|
-
|
wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) 06df58f is vulnerable to NULL Pointer Dereference in function `block_type_get_result_types.
|
-
|
CVE-2024-27532
|
2024-11-20 06:35 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313513
|
6.1 |
MEDIUM
Network
|
thimpress
|
learnpress_export_import
|
The LearnPress Export Import – WordPress extension for LearnPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'learnpress_import_form_server' parameter in all version…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9609
|
2024-11-20 06:28 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313514
|
9.8 |
CRITICAL
Network
|
1000projects
|
beauty_parlour_management_system
|
A vulnerability classified as critical was found in 1000 Projects Beauty Parlour Management System 1.0. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the a…
|
CWE-89
SQL Injection
|
CVE-2024-11258
|
2024-11-20 06:24 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313515
|
9.8 |
CRITICAL
Network
|
1000projects
|
beauty_parlour_management_system
|
A vulnerability classified as critical has been found in 1000 Projects Beauty Parlour Management System 1.0. This affects an unknown part of the file /admin/forgot-password.php. The manipulation of t…
|
CWE-89
SQL Injection
|
CVE-2024-11257
|
2024-11-20 06:24 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313516
|
6.1 |
MEDIUM
Network
|
glpi-project
|
glpi
|
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a …
|
CWE-79
Cross-site Scripting
|
CVE-2024-45609
|
2024-11-20 06:22 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313517
|
5.5 |
MEDIUM
Local
|
adobe
|
audition
|
Audition versions 23.6.9, 24.4.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to by…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-49536
|
2024-11-20 06:21 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313518
|
4.3 |
MEDIUM
Network
|
smartwpress
|
music_player_for_elementor
|
The Music Player for Elementor – Audio Player & Podcast Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the import_mpfe_template() …
|
CWE-862
Missing Authorization
|
CVE-2024-10582
|
2024-11-20 06:17 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313519
|
6.1 |
MEDIUM
Network
|
melapress
|
wp_activity_log
|
The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user_id parameter in all versions up to, and including, 5.2.1 due to insufficient input sanitization and …
|
CWE-79
Cross-site Scripting
|
CVE-2024-10793
|
2024-11-20 06:13 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313520
|
6.1 |
MEDIUM
Network
|
glpi-project
|
glpi
|
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An unauthenticated user can provide a malicious link…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45610
|
2024-11-20 06:07 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
