|
313851
|
5.5 |
MEDIUM
Network
|
-
|
-
|
A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.
|
-
|
CVE-2023-6110
|
2024-11-19 02:11 |
2024-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313852
|
7.4 |
HIGH
Network
|
-
|
-
|
A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltr…
|
CWE-444
HTTP Request Smuggling
|
CVE-2023-4639
|
2024-11-19 02:11 |
2024-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313853
|
5.9 |
MEDIUM
Network
|
-
|
-
|
A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters. This flaw allows an attacker to send a malicious request to inject …
|
CWE-233
Improper Handling of Parameters
|
CVE-2023-1419
|
2024-11-19 02:11 |
2024-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313854
|
3.4 |
LOW
Adjacent
|
-
|
-
|
A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for a…
|
CWE-273
Improper Check for Dropped Privileges
|
CVE-2023-0657
|
2024-11-19 02:11 |
2024-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313855
|
7.5 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-se…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2020-25720
|
2024-11-19 02:11 |
2024-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313856
|
- |
|
-
|
-
|
The Login using WordPress Users ( WP as SAML IDP ) plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.15.6 due to insufficie…
|
CWE-89
SQL Injection
|
CVE-2024-9887
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313857
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup class parameter in all versions up to, and including, 1.6.0 due to insufficient input sanitization …
|
CWE-80
Basic XSS
|
CVE-2024-10592
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313858
|
7.5 |
HIGH
Network
|
-
|
-
|
The Blogger 301 Redirect plugin for WordPress is vulnerable to blind time-based SQL Injection via the ‘br’ parameter in all versions up to, and including, 2.5.3 due to insufficient escaping on the us…
|
CWE-89
SQL Injection
|
CVE-2024-10645
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313859
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cancel_import() function in all versions up to, and including, …
|
CWE-862
Missing Authorization
|
CVE-2024-10614
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313860
|
8.8 |
HIGH
Network
|
-
|
-
|
The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the 'install_re…
|
CWE-862
Missing Authorization
|
CVE-2024-10728
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
