|
305591
|
5.4 |
MEDIUM
Network
|
hikashop
|
hikashop
|
A stored cross-site scripting (XSS) vulnerability in HikaShop Joomla Component < 5.1.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious p…
|
CWE-79
Cross-site Scripting
|
CVE-2024-40746
|
2024-10-30 00:34 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305592
|
5.4 |
MEDIUM
Network
|
jesweb
|
anchor_episodes_index
|
The Anchor Episodes Index (Spotify for Podcasters) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's anchor_episodes shortcode in all versions up to, and including, 2…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10189
|
2024-10-30 00:27 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305593
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.6. An app may be able to cause a coprocessor crash.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-40810
|
2024-10-30 00:21 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305594
|
4.3 |
MEDIUM
Network
|
colorlib
|
simple_custom_post_order
|
Missing Authorization vulnerability in Colorlib Simple Custom Post Order allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Custom Post Order: from n/a …
|
CWE-862
Missing Authorization
|
CVE-2024-49321
|
2024-10-30 00:20 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305595
|
6.1 |
MEDIUM
Network
|
edit_woocommerce_templates_project
|
edit_woocommerce_templates
|
The Edit WooCommerce Templates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in all versions up to, and including, 1.1.2 due to insufficient input sani…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10049
|
2024-10-29 23:49 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305596
|
8.2 |
HIGH
Adjacent
|
eufy
|
homebase_2_firmware
|
The Eufy Homebase 2 before firmware version 3.3.4.1h creates a dedicated wireless network for its ecosystem, which serves as a proxy to the end user's primary network. The WPA2-PSK generation of this…
|
CWE-331
Insufficient Entropy
|
CVE-2023-37822
|
2024-10-29 23:47 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305597
|
6.1 |
MEDIUM
Network
|
themeinwp
|
social_share_with_floating_bar
|
The Social Share With Floating Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, …
|
CWE-79
Cross-site Scripting
|
CVE-2024-8790
|
2024-10-29 23:44 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305598
|
5.4 |
MEDIUM
Network
|
sukiwp
|
suki_sites_import
|
The Suki Sites Import plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.1 due to insufficient input sanitization and out…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8916
|
2024-10-29 23:37 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305599
|
- |
|
xfree86_project
|
x11r6
|
The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's …
|
NVD-CWE-Other
|
CVE-2003-0063
|
2024-10-29 23:35 |
2003-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305600
|
- |
|
qualcomm
|
qpopper
|
Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.
|
NVD-CWE-Other
|
CVE-1999-0006
|
2024-10-29 23:35 |
1998-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
