|
308011
|
9.8 |
CRITICAL
Network
|
cozythemes
|
fotawp
|
Missing Authorization vulnerability in CozyThemes Fota WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fota WP: from n/a through 1.4.1.
|
CWE-862
Missing Authorization
|
CVE-2024-43980
|
2024-11-9 05:45 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308012
|
9.8 |
CRITICAL
Network
|
cozythemes
|
blockbooster
|
Missing Authorization vulnerability in CozyThemes Blockbooster allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blockbooster: from n/a through 1.0.10.
|
CWE-862
Missing Authorization
|
CVE-2024-43979
|
2024-11-9 05:44 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308013
|
9.8 |
CRITICAL
Network
|
cozythemes
|
revivenews
|
Missing Authorization vulnerability in CozyThemes ReviveNews allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ReviveNews: from n/a through 1.0.2.
|
CWE-862
Missing Authorization
|
CVE-2024-43974
|
2024-11-9 05:43 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308014
|
8.8 |
HIGH
Network
|
newspack
|
newspack
|
Broken Access Control vulnerability in Automattic Newspack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack: from n/a through 3.8.6.
|
CWE-862
Missing Authorization
|
CVE-2024-43968
|
2024-11-9 05:43 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308015
|
8.8 |
HIGH
Network
|
lws
|
affiliation
|
Missing Authorization vulnerability in LWS LWS Affiliation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LWS Affiliation: from n/a through 2.3.4.
|
CWE-862
Missing Authorization
|
CVE-2024-43962
|
2024-11-9 05:42 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308016
|
5.3 |
MEDIUM
Network
|
humhub
|
humhub
|
Generation of Error Message Containing Sensitive Information in HumHub GmbH & Co. KG - HumHub on Linux allows: Excavation (user enumeration).This issue affects all released HumHub versions: through 1…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-52043
|
2024-11-9 05:39 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308017
|
8.1 |
HIGH
Network
|
heateor
|
super_socializer
|
The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.13.68. This is due to …
|
NVD-CWE-noinfo
|
CVE-2024-9946
|
2024-11-9 05:38 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308018
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
firewire: core: fix invalid port index for parent device
In a commit 24b7f8e5cd65 ("firewire: core: use helper functions for self…
|
NVD-CWE-noinfo
|
CVE-2024-50113
|
2024-11-9 05:37 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308019
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
x86/lam: Disable ADDRESS_MASKING in most cases
Linear Address Masking (LAM) has a weakness related to transient
execution as desc…
|
NVD-CWE-noinfo
|
CVE-2024-50112
|
2024-11-9 05:36 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308020
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context
Unaligned access exception can be triggered in irq-enabled con…
|
NVD-CWE-noinfo
|
CVE-2024-50111
|
2024-11-9 05:32 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
