|
309661
|
6.1 |
MEDIUM
Network
|
rollupjs
|
rollup
|
Rollup is a module bundler for JavaScript. Versions prior to 2.79.2, 3.29.5, and 4.22.4 are susceptible to a DOM Clobbering vulnerability when bundling scripts with properties from `import.meta` (e.g…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47068
|
2024-10-30 01:15 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309662
|
4.8 |
MEDIUM
Network
|
aftabhusain
|
category_and_taxonomy_meta_fields
|
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image meta field value in the 'wpaft_add_meta_textinput' function in versions up to, an…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9590
|
2024-10-30 01:07 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309663
|
4.8 |
MEDIUM
Network
|
aftabhusain
|
category_and_taxonomy_meta_fields
|
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'new_meta_name' parameter in the 'wpaft_option_page' function in versions up to, and in…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9589
|
2024-10-30 01:07 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309664
|
4.8 |
MEDIUM
Network
|
aftabhusain
|
category_and_taxonomy_image
|
The Category and Taxonomy Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '_category_image' parameter in versions up to, and including, 1.0.0 due to insufficient input…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9591
|
2024-10-30 01:04 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309665
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Implement bounds check for stream encoder creation in DCN401
'stream_enc_regs' array is an array of dcn10_stream…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-49970
|
2024-10-30 00:57 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309666
|
9.1 |
CRITICAL
Network
|
openrefine
|
butterfly
|
The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework. The Butterfly framework uses the `java.net.URL` class to refer to (what are expected to be) local resour…
|
CWE-22
Path Traversal
|
CVE-2024-47883
|
2024-10-30 00:38 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309667
|
- |
|
-
|
-
|
HCL Sametime is impacted by insecure services in-use on the UIM client by default. An unused legacy REST service was enabled by default using the HTTP protocol. An attacker could potentially use this…
|
-
|
CVE-2024-30124
|
2024-10-30 00:35 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309668
|
- |
|
-
|
-
|
An issue was discovered in Atos Eviden iCare 2.7.1 through 2.7.11. The application exposes a web interface locally. In the worst-case scenario, if the application is remotely accessible, it allows an…
|
-
|
CVE-2024-42017
|
2024-10-30 00:35 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309669
|
- |
|
sgi
|
irix
|
root privileges via buffer overflow in ordist command on SGI IRIX systems.
|
NVD-CWE-Other
|
CVE-1999-0029
|
2024-10-30 00:35 |
1997-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309670
|
5.4 |
MEDIUM
Network
|
hikashop
|
hikashop
|
A stored cross-site scripting (XSS) vulnerability in HikaShop Joomla Component < 5.1.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious p…
|
CWE-79
Cross-site Scripting
|
CVE-2024-40746
|
2024-10-30 00:34 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
