|
250681
|
6.5 |
MEDIUM
Network
|
lollms
|
lollms_web_ui
|
A Cross-Site Request Forgery (CSRF) vulnerability exists in the `install_comfyui` endpoint of the `lollms_comfyui.py` file in the parisneo/lollms-webui repository, versions v9.9 to the latest. The en…
|
CWE-352
Origin Validation Error
|
CVE-2024-6673
|
2024-11-2 05:37 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250682
|
7.8 |
HIGH
Local
|
adobe
|
illustrator
|
Illustrator versions 28.6, 27.9.5 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploit…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-34121
|
2024-11-2 05:35 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250683
|
7.1 |
HIGH
Network
|
lollms
|
lollms_web_ui
|
A CORS misconfiguration in parisneo/lollms-webui prior to version 10 allows attackers to steal sensitive information such as logs, browser sessions, and settings containing private API keys from othe…
|
CWE-346
Origin Validation Error
|
CVE-2024-6674
|
2024-11-2 05:34 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250684
|
5.4 |
MEDIUM
Network
|
chartscss
|
coub
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Rami Yushuvaev Coub allows Stored XSS.This issue affects Coub: from n/a through 1.4.
|
CWE-79
Cross-site Scripting
|
CVE-2024-49659
|
2024-11-2 05:25 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250685
|
6.1 |
MEDIUM
Network
|
abdullahirfan
|
documentpress
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Abdullah Irfan DocumentPress allows Reflected XSS.This issue affects DocumentPress: from n…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49656
|
2024-11-2 05:24 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250686
|
6.1 |
MEDIUM
Network
|
marianheddesheimer
|
extra_privacy_for_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Marian Heddesheimer Extra Privacy for Elementor allows Reflected XSS.This issue affects Ex…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49654
|
2024-11-2 05:24 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250687
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Deallocate DML memory if allocation fails
[Why]
When DC state create DML memory allocation fails, memory is not
…
|
NVD-CWE-noinfo
|
CVE-2024-49972
|
2024-11-2 05:18 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250688
|
5.4 |
MEDIUM
Network
|
cisco
|
secure_firewall_management_center
|
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack …
|
CWE-79
Cross-site Scripting
|
CVE-2024-20300
|
2024-11-2 05:14 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250689
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Increase array size of dummy_boolean
[WHY]
dml2_core_shared_mode_support and dml_core_mode_support access the th…
|
NVD-CWE-noinfo
|
CVE-2024-49971
|
2024-11-2 04:59 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250690
|
6.7 |
MEDIUM
Local
|
cisco
|
adaptive_security_appliance_software
firepower_threat_defense_software
|
A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arb…
|
CWE-94
Code Injection
|
CVE-2024-20485
|
2024-11-2 04:50 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
