|
308871
|
- |
|
-
|
-
|
In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not need…
|
-
|
CVE-2024-20098
|
2024-10-7 12:15 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308872
|
- |
|
-
|
-
|
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not neede…
|
-
|
CVE-2024-20092
|
2024-10-7 12:15 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308873
|
- |
|
-
|
-
|
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not neede…
|
-
|
CVE-2024-20090
|
2024-10-7 12:15 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308874
|
6.5 |
MEDIUM
Network
|
online_voting_system_project
|
online_voting_system
|
Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery (CSRF) via voter.php. This vulnerability allows an attacker to craft a malicious link that, when clicked by a…
|
CWE-352
Origin Validation Error
|
CVE-2024-45987
|
2024-10-5 11:21 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308875
|
5.4 |
MEDIUM
Network
|
websevendev
|
attributes_for_blocks
|
The Attributes for Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘attributesForBlocks’ parameter in all versions up to, and including, 1.0.6 due to insufficient inp…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8318
|
2024-10-5 11:10 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308876
|
8.8 |
HIGH
Network
|
piwebsolution
|
product_enquiry_for_woocommerce
|
The Product Enquiry for WooCommerce, WooCommerce product catalog plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.2.33.32 via deserialization of untr…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-8922
|
2024-10-5 04:11 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308877
|
6.1 |
MEDIUM
Network
|
stellarwp
|
the_events_calendar
|
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via RSVP name field in all versions up to, and including, 6.6.3 due to insufficient input sanitization and ou…
|
CWE-79
Cross-site Scripting
|
CVE-2024-6931
|
2024-10-5 04:08 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308878
|
5.4 |
MEDIUM
Network
|
leap13
|
premium_addons_for_elementor
|
The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Grid widget in all versions up to, and including, 4.10.52 due to insufficient…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8681
|
2024-10-5 04:04 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308879
|
5.4 |
MEDIUM
Network
|
codesupply
|
absolute_reviews
|
The Absolute Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Name' field of a custom post criteria in all versions up to, and including, 1.1.3 due to insufficient i…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8965
|
2024-10-5 04:04 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308880
|
8.8 |
HIGH
Network
|
advantech
|
adam-5630_firmware
|
Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an attacker to partly circumvent the same
origin policy, which is designed to prevent different websites fro…
|
CWE-352
Origin Validation Error
|
CVE-2024-28948
|
2024-10-5 03:58 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
