|
251021
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock
Use a dedicated mutex to guard kvm_usage_count to fix a pot…
|
CWE-667
Improper Locking
|
CVE-2024-47744
|
2024-10-23 00:44 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251022
|
4.8 |
MEDIUM
Network
|
code-projects
|
pharmacy_management
|
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /manage_medicine.php of t…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10199
|
2024-10-23 00:40 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251023
|
4.8 |
MEDIUM
Network
|
code-projects
|
pharmacy_management
|
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /manage_customer…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10198
|
2024-10-23 00:39 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251024
|
4.8 |
MEDIUM
Network
|
heimkino-praxis
|
movie_database
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bert Kößler Movie Database allows Stored XSS.This issue affects Movie Database: from n/a t…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43300
|
2024-10-23 00:35 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251025
|
8.8 |
HIGH
Network
|
sermonaudio
|
sermonaudio_widgets
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dan Alexander SermonAudio Widgets allows SQL Injection.This issue affects SermonAudio Widgets: fr…
|
CWE-89
SQL Injection
|
CVE-2024-49614
|
2024-10-23 00:34 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251026
|
8.8 |
HIGH
Network
|
lodelgeraldo
|
simple_code_insert_shortcode
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lodel Geraldo Simple Code Insert Shortcode allows SQL Injection.This issue affects Simple Code In…
|
CWE-89
SQL Injection
|
CVE-2024-49613
|
2024-10-23 00:29 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251027
|
6.3 |
MEDIUM
Network
|
dell
|
secure_connect_gateway
|
Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. A local attacker with low privileges can access the file system and could potentially exploit this vuln…
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-47240
|
2024-10-23 00:28 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251028
|
6.1 |
MEDIUM
Network
|
madrasthemes
|
mas_companies_for_wp_job_manager
|
The MAS Companies For WP Job Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9206
|
2024-10-23 00:27 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251029
|
4.3 |
MEDIUM
Network
|
smackcoders
|
sendgrid
|
The SendGrid for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wp_mailplus_clear_logs' function in all versions up to, and includ…
|
CWE-862
Missing Authorization
|
CVE-2024-9364
|
2024-10-23 00:26 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251030
|
5.4 |
MEDIUM
Network
|
tychesoftwares
|
arconix_shortcodes
|
The Arconix Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'button' shortcode in all versions up to, and including, 2.1.12 due to insufficient input san…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9703
|
2024-10-23 00:25 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
