|
318261
|
5.4 |
MEDIUM
Network
|
3ds
|
3dexperience_enovia
|
A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute …
|
CWE-79
Cross-site Scripting
|
CVE-2024-8004
|
2024-09-4 23:56 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318262
|
5.4 |
MEDIUM
Network
|
3ds
|
3dexperience
|
A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7938
|
2024-09-4 23:53 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318263
|
6.1 |
MEDIUM
Network
|
checkmk
|
checkmk
|
Improper neutralization of input in Checkmk before version 2.3.0p14 allows attackers to inject and run malicious scripts in the Robotmk logs view.
|
CWE-79
Cross-site Scripting
|
CVE-2024-38858
|
2024-09-4 23:39 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318264
|
6.5 |
MEDIUM
Network
|
hashicorp
|
vault
|
Vault Community Edition and Vault Enterprise experienced a regression where functionality that HMAC’d sensitive headers in the configured audit device, specifically client tokens and token accessors,…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-8365
|
2024-09-4 23:37 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318265
|
- |
|
-
|
-
|
Use after free in WebAudio in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
-
|
CVE-2024-8362
|
2024-09-4 23:35 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318266
|
- |
|
-
|
-
|
Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
-
|
CVE-2024-7970
|
2024-09-4 23:35 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318267
|
- |
|
-
|
-
|
A remote code execution (RCE) vulnerability exists in the Pi Camera project, version 1.0, maintained by RECANTHA. The issue arises from improper sanitization of user input passed to the "position" GE…
|
-
|
CVE-2024-44809
|
2024-09-4 23:35 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318268
|
6.1 |
MEDIUM
Network
|
memberpress
|
memberpress
|
The Memberpress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'mepr_screenname' and 'mepr_key' parameter in all versions up to, and including, 1.11.29 due to insufficie…
|
CWE-79
Cross-site Scripting
|
CVE-2024-5024
|
2024-09-4 23:33 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318269
|
5.4 |
MEDIUM
Network
|
wpvibes
|
elementor_addon_elements
|
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ and 'eae_slider_animation' parameters in all versions up to, and including, 1.13.5 due to i…
|
CWE-79
Cross-site Scripting
|
CVE-2024-4401
|
2024-09-4 23:33 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318270
|
8.8 |
HIGH
Network
|
wolfssl
|
wolfssl
|
Fault Injection vulnerability in wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a v…
|
CWE-74
Injection
|
CVE-2024-2881
|
2024-09-4 23:27 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
