Total
94618 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-7703 | 2024-08-19 | N/A | 6.4 MEDIUM | ||
| The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.0.37 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. | |||||
| CVE-2024-43278 | 2024-08-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Phi Phan Meta Field Block allows Stored XSS.This issue affects Meta Field Block: from n/a through 1.2.13. | |||||
| CVE-2024-43305 | 2024-08-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Code Amp Custom Layouts – Post + Product grids made easy allows Stored XSS.This issue affects Custom Layouts – Post + Product grids made easy: from n/a through 1.4.11. | |||||
| CVE-2024-7709 | 2024-08-17 | 5.0 MEDIUM | 4.3 MEDIUM | ||
| A vulnerability, which was classified as problematic, has been found in OcoMon 4.0RC1/4.0/5.0RC1. This issue affects some unknown processing of the file /includes/common/require_access_recovery.php of the component URL Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.0.1 and 5.0 is able to address this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2024-38161 | 1 Microsoft | 8 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 5 more | 2024-08-16 | N/A | 6.8 MEDIUM |
| Windows Mobile Broadband Driver Remote Code Execution Vulnerability | |||||
| CVE-2024-38143 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-08-16 | N/A | 4.2 MEDIUM |
| Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability | |||||
| CVE-2024-38155 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2024-08-16 | N/A | 5.5 MEDIUM |
| Security Center Broker Information Disclosure Vulnerability | |||||
| CVE-2024-38173 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2024-08-16 | N/A | 6.7 MEDIUM |
| Microsoft Outlook Remote Code Execution Vulnerability | |||||
| CVE-2024-38167 | 1 Microsoft | 2 .net, Visual Studio 2022 | 2024-08-16 | N/A | 6.5 MEDIUM |
| .NET and Visual Studio Information Disclosure Vulnerability | |||||
| CVE-2024-38165 | 1 Microsoft | 2 Windows 11 22h2, Windows 11 23h2 | 2024-08-16 | N/A | 6.5 MEDIUM |
| Windows Compressed Folder Tampering Vulnerability | |||||
| CVE-2024-31799 | 1 Gncchome | 2 Gncc C2, Gncc C2 Firmware | 2024-08-16 | N/A | 4.6 MEDIUM |
| Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via the UART Debugging Port. | |||||
| CVE-2024-38122 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-08-16 | N/A | 5.5 MEDIUM |
| Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | |||||
| CVE-2024-38118 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-08-16 | N/A | 5.5 MEDIUM |
| Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | |||||
| CVE-2024-41962 | 1 Yonle | 1 Bostr | 2024-08-16 | N/A | 6.3 MEDIUM |
| Bostr is an nostr relay aggregator proxy that acts like a regular nostr relay. bostr let everyone in even having authorized_keys being set when noscraper is set to true. This vulnerability is fixed in 3.0.10. | |||||
| CVE-2024-38123 | 1 Microsoft | 1 Windows 11 24h2 | 2024-08-16 | N/A | 4.4 MEDIUM |
| Windows Bluetooth Driver Information Disclosure Vulnerability | |||||
| CVE-2024-6347 | 1 Nissan-global | 2 Altima, Blind Spot Detection Sensor Ecu Firmware | 2024-08-16 | N/A | 6.5 MEDIUM |
| * Unprotected privileged mode access through UDS session in the Blind Spot Detection Sensor ECU firmware in Nissan Altima (2022) allows attackers to trigger denial-of-service (DoS) by unauthorized access to the ECU's programming session. * No preconditions implemented for ECU management functionality through UDS session in the Blind Spot Detection Sensor ECU in Nissan Altima (2022) allows attackers to disrupt normal ECU operations by triggering a control command without authentication. | |||||
| CVE-2024-31798 | 1 Gncchome | 2 Gncc C2, Gncc C2 Firmware | 2024-08-16 | N/A | 6.8 MEDIUM |
| Identical Hardcoded Root Password for All Devices in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to retrieve the root password for all similar devices | |||||
| CVE-2024-38214 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-08-15 | N/A | 6.5 MEDIUM |
| Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | |||||
| CVE-2024-38223 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-08-15 | N/A | 6.8 MEDIUM |
| Windows Initial Machine Configuration Elevation of Privilege Vulnerability | |||||
| CVE-2024-40704 | 1 Ibm | 1 Infosphere Information Server | 2024-08-15 | N/A | 4.9 MEDIUM |
| IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive information from authentication request headers. IBM X-Force ID: 298277. | |||||