|
307331
|
6.1 |
MEDIUM
Network
|
wpfactory
|
quantity_dynamic_pricing_\&_bulk_discounts_for_woocommerce
|
The Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9384
|
2024-10-11 05:52 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307332
|
6.1 |
MEDIUM
Network
|
techbanker
|
captcha_bank
|
The WordPress Captcha Plugin by Captcha Bank plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versio…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9375
|
2024-10-11 05:44 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307333
|
5.4 |
MEDIUM
Network
|
wpblockshub
|
wp_blocks_hub
|
The WP Blocks Hub plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9372
|
2024-10-11 05:36 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307334
|
5.4 |
MEDIUM
Network
|
miguelmello
|
aggregator_advanced_settings
|
The Aggregator Advanced Settings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.1 due to insufficient input sanitizat…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9368
|
2024-10-11 05:30 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307335
|
6.1 |
MEDIUM
Network
|
michaeluno
|
auto_amazon_links
|
The Auto Amazon Links – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9349
|
2024-10-11 05:25 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307336
|
9.8 |
CRITICAL
Network
|
dlink
|
dir-860l_firmware
|
In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can caus…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-42812
|
2024-10-11 05:18 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307337
|
6.1 |
MEDIUM
Network
|
angeljudesuarez
|
placement_management_system
|
itsourcecode Placement Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Full Name field in registration.php.
|
CWE-79
Cross-site Scripting
|
CVE-2024-46300
|
2024-10-11 03:52 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307338
|
4.9 |
MEDIUM
Network
|
google
|
android
|
In wlan driver, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with System execution privileges needed. User interaction is …
|
CWE-125
Out-of-bounds Read
|
CVE-2024-20102
|
2024-10-11 03:20 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307339
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ALSA: line6: Fix racy access to midibuf
There can be concurrent accesses to line6 midibuf from both the URB
completion callback a…
|
CWE-362
Race Condition
|
CVE-2024-44954
|
2024-10-11 03:02 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307340
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Don't refer to dc_sink in is_dsc_need_re_compute
[Why]
When unplug one of monitors connected after mst hub, enco…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-44955
|
2024-10-11 02:57 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
