|
305551
|
5.5 |
MEDIUM
Local
|
huawei
|
harmonyos
|
Vulnerability of input parameters not being verified in the HDC module
Impact: Successful exploitation of this vulnerability may affect availability.
|
NVD-CWE-noinfo
|
CVE-2024-51519
|
2024-11-7 08:15 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305552
|
7.5 |
HIGH
Network
|
huawei
|
harmonyos
|
Vulnerability of message types not being verified in the advanced messaging modul
Impact: Successful exploitation of this vulnerability may affect availability.
|
NVD-CWE-noinfo
|
CVE-2024-51518
|
2024-11-7 08:15 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305553
|
5.5 |
MEDIUM
Local
|
huawei
|
harmonyos
|
Vulnerability of improper memory access in the phone service module
Impact: Successful exploitation of this vulnerability may affect availability.
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-51517
|
2024-11-7 08:15 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305554
|
8.8 |
HIGH
Network
|
darkmysite
|
darkmysite
|
Cross-Site Request Forgery (CSRF) vulnerability in DarkMySite DarkMySite – Advanced Dark Mode Plugin for WordPress darkmysite allows Cross Site Request Forgery.This issue affects DarkMySite – Advance…
|
CWE-352
Origin Validation Error
|
CVE-2024-50466
|
2024-11-7 08:13 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305555
|
5.3 |
MEDIUM
Network
|
openjsf
|
express
|
A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data is used.
The issue arises from improper…
|
NVD-CWE-noinfo
|
CVE-2024-10491
|
2024-11-7 08:08 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305556
|
5.4 |
MEDIUM
Network
|
joshlobe
|
ultimate_tinymce
|
The Ultimate TinyMCE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'field' shortcode in all versions up to, and including, 5.7 due to insufficient input sanitization and o…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8627
|
2024-11-7 08:06 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305557
|
5.5 |
MEDIUM
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A privileged user could exploit this vulnerability to expose sens…
|
CWE-611
XXE
|
CVE-2024-45086
|
2024-11-7 08:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305558
|
5.4 |
MEDIUM
Network
|
oracle
|
peoplesoft_enterprise_cost_center_common_application_objects
|
Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Activity Guide Composer). The supported version that is affected is 9.2. Easily exp…
|
NVD-CWE-noinfo
|
CVE-2024-21264
|
2024-11-7 07:56 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305559
|
5.3 |
MEDIUM
Network
|
oracle
|
installed_base
|
Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability a…
|
NVD-CWE-noinfo
|
CVE-2024-21258
|
2024-11-7 07:56 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305560
|
3.0 |
LOW
Adjacent
|
oracle
|
hyperion_bi\+
|
Vulnerability in the Oracle Hyperion BI+ product of Oracle Hyperion (component: UI and Visualization). The supported version that is affected is 11.2.18.0.000. Easily exploitable vulnerability allo…
|
NVD-CWE-noinfo
|
CVE-2024-21257
|
2024-11-7 07:55 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
