CVE Alert: CVE-2024-9165
Vulnerability Summary: CVE-2024-9165 The Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) plugin for WordPress is vulnerable to Stored Cross-Site...
Vulnerabilities
CVE Alert: CVE-2024-30149
Vulnerability Summary: CVE-2024-30149 HCL AppScan Source
CVE Alert: CVE-2024-43383
Vulnerability Summary: CVE-2024-43383 Deserialization of Untrusted Data vulnerability in Apache Lucene.Net.Replicator. This issue affects Apache Lucene.NET's Replicator library: from 4.8.0-beta00005...
CVE Alert: CVE-2024-43930
Vulnerability Summary: CVE-2024-43930 Cross-Site Request Forgery (CSRF) vulnerability in eyecix JobSearch allows Cross Site Request Forgery.This issue affects JobSearch: from...
CVE Alert: CVE-2024-9430
Vulnerability Summary: CVE-2024-9430 The Get Quote For Woocommerce – Request A Quote For Woocommerce plugin for WordPress is vulnerable to...
CVE Alert: CVE-2024-49685
Vulnerability Summary: CVE-2024-49685 Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custom Twitter Feeds (Tweets Widget) allows Cross Site Request...
CVE Alert: CVE-2024-10454
Vulnerability Summary: CVE-2024-10454 Clickjacking vulnerability in Clibo Manager v1.1.9.12 in the '/public/login' directory, a login panel. This vulnerability occurs due...
CVE Alert: CVE-2024-49674
Vulnerability Summary: CVE-2024-49674 Cross-Site Request Forgery (CSRF) vulnerability in Lukas Huser EKC Tournament Manager allows Upload a Web Shell to...
CVE Alert: CVE-2024-8934
Vulnerability Summary: CVE-2024-8934 A local user with administrative access rights can enter specialy crafted values for settings at the user...
CVE Alert: CVE-2024-43933
Vulnerability Summary: CVE-2024-43933 Cross-Site Request Forgery (CSRF) vulnerability in WPMobile.App allows Stored XSS.This issue affects WPMobile.App: from n/a through 11.48....
CVE Alert: CVE-2024-43984
Vulnerability Summary: CVE-2024-43984 Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Podcast Publisher allows Code Injection.This issue affects Podlove Podcast...
CVE Alert: CVE-2024-48910
Vulnerability Summary: CVE-2024-48910 DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify was vulnerable to...
CVE Alert: CVE-2024-51259
Vulnerability Summary: CVE-2024-51259 DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling...
CVE Alert: CVE-2024-42835
Vulnerability Summary: CVE-2024-42835 langflow v1.0.12 was discovered to contain a remote code execution (RCE) vulnerability via the PythonCodeTool component. Affected...
CVE Alert: CVE-2024-51254
Vulnerability Summary: CVE-2024-51254 DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling...
CVE Alert: CVE-2024-8553
Vulnerability Summary: CVE-2024-8553 A vulnerability was found in Foreman's loader macros introduced with report templates. These macros may allow an...
CVE Alert: CVE-2024-51260
Vulnerability Summary: CVE-2024-51260 DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling...
CVE Alert: CVE-2024-50354
Vulnerability Summary: CVE-2024-50354 gnark is a fast zk-SNARK library that offers a high-level API to design circuits. In gnark 0.11.0...
CVE Alert: CVE-2024-8185
Vulnerability Summary: CVE-2024-8185 Vault Community and Vault Enterprise (“Vault”) clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service...
CVE Alert: CVE-2024-51255
Vulnerability Summary: CVE-2024-51255 DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling...
CVE Alert: CVE-2024-51478
Vulnerability Summary: CVE-2024-51478 YesWiki is a wiki system written in PHP. Prior to 4.4.5, the use of a weak cryptographic...
CVE Alert: CVE-2024-7883
Vulnerability Summary: CVE-2024-7883 When using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non-secure state via...
CVE Alert: CVE-2024-51482
Vulnerability Summary: CVE-2024-51482 ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder v1.37.*
CVE Alert: CVE-2024-50356
Vulnerability Summary: CVE-2024-50356 Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). The...
