|
252351
|
5.3 |
MEDIUM
Network
|
cisco
|
meraki_mx65_firmware
meraki_mx64_firmware
meraki_z4c_firmware
meraki_z4_firmware
meraki_z3c_firmware
meraki_z3_firmware
meraki_vmx_firmware
meraki_mx600_firmware
meraki_mx450_…
|
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-20513
|
2024-10-9 06:16 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252352
|
7.5 |
HIGH
Network
|
cisco
|
ios_xe
|
A vulnerability in the HTTP Server feature of Cisco IOS XE Software when the Telephony Service feature is enabled could allow an unauthenticated, remote attacker to cause a denial of service (DoS) co…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-20436
|
2024-10-9 06:00 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252353
|
2.7 |
LOW
Network
|
gitlab
|
gitlab
|
An information disclosure issue has been discovered in GitLab EE affecting all versions starting from 16.5 prior to 17.2.8, from 17.3 prior to 17.3.4, and from 17.4 prior to 17.4.1. A maintainer coul…
|
NVD-CWE-Other
|
CVE-2024-4278
|
2024-10-9 04:51 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252354
|
- |
|
-
|
-
|
OnlineNewsSite v1.0 is vulnerable to Cross Site Scripting (XSS) which allows attackers to execute arbitrary code via the Title and summary fields in the /admin/post/edit/ endpoint.
|
-
|
CVE-2024-45933
|
2024-10-9 04:35 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252355
|
- |
|
-
|
-
|
TP-Link WR740N V6 has a stack overflow vulnerability via the ssid parameter in /userRpm/popupSiteSurveyRpm.htm url.
|
-
|
CVE-2024-46325
|
2024-10-9 04:35 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252356
|
6.3 |
MEDIUM
Network
|
icegram
|
email_subscribers_\&_newsletters
|
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up …
|
CWE-94
Code Injection
|
CVE-2024-8254
|
2024-10-9 04:08 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252357
|
6.1 |
MEDIUM
Network
|
yoginetwork
|
rabbitloader
|
The RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8800
|
2024-10-9 03:59 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252358
|
6.1 |
MEDIUM
Network
|
themes4wp
|
popularis_extra
|
The Popularis Extra plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9353
|
2024-10-9 03:50 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252359
|
5.4 |
MEDIUM
Network
|
iworks
|
pwa
|
The PWA — easy way to Progressive Web App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input …
|
CWE-79
Cross-site Scripting
|
CVE-2024-8967
|
2024-10-9 03:47 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252360
|
7.5 |
HIGH
Network
|
cisco
|
meraki_mx65_firmware
meraki_mx64_firmware
meraki_z4c_firmware
meraki_z4_firmware
meraki_z3c_firmware
meraki_z3_firmware
meraki_vmx_firmware
meraki_mx600_firmware
meraki_mx450_…
|
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-20502
|
2024-10-9 03:46 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
