Total
60767 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-34575 | 2024-05-17 | N/A | 6.5 MEDIUM | ||
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in deTheme DethemeKit For Elementor allows Stored XSS.This issue affects DethemeKit For Elementor: from n/a through 2.1.2. | |||||
CVE-2023-43487 | 2024-05-17 | N/A | 4.7 MEDIUM | ||
Improper access control in some Intel(R) CST before version 2.1.10300 may allow an authenticated user to potentially enable denial of service via local access. | |||||
CVE-2024-21861 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
Uncontrolled search path in some Intel(R) GPA Framework software before version 2023.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-24715 | 2024-05-17 | N/A | 6.5 MEDIUM | ||
Improper Validation of Specified Quantity in Input vulnerability in The Events Calendar BookIt allows Manipulating Hidden Fields.This issue affects BookIt: from n/a through 2.4.0. | |||||
CVE-2023-45652 | 2024-05-17 | N/A | 6.5 MEDIUM | ||
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Justin Silver Remote Content Shortcode allows PHP Local File Inclusion.This issue affects Remote Content Shortcode: from n/a through 1.5. | |||||
CVE-2022-45070 | 2024-05-17 | N/A | 5.3 MEDIUM | ||
Missing Authorization vulnerability in FmeAddons Conditional Checkout Fields for WooCommerce.This issue affects Conditional Checkout Fields for WooCommerce: from n/a through 1.2.3. | |||||
CVE-2024-21823 | 2024-05-17 | N/A | 6.4 MEDIUM | ||
Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable denial of service via local access. | |||||
CVE-2024-21772 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
Uncontrolled search path in some Intel(R) Advisor software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-32800 | 2024-05-17 | N/A | 5.9 MEDIUM | ||
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Felix Moira Popup More Popups allows Stored XSS.This issue affects Popup More Popups: from n/a through 2.3.1. | |||||
CVE-2023-33321 | 2024-05-17 | N/A | 5.3 MEDIUM | ||
Missing Authorization vulnerability in Metagauss EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through 2.8.6. | |||||
CVE-2024-21841 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
Uncontrolled search path for some Intel(R) Distribution for GDB software before version 2024.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-31295 | 2024-05-17 | N/A | 5.3 MEDIUM | ||
Guessable CAPTCHA vulnerability in BestWebSoft Captcha by BestWebSoft allows Functionality Bypass.This issue affects Captcha by BestWebSoft: from n/a through 5.2.0. | |||||
CVE-2023-47855 | 2024-05-17 | N/A | 6.0 MEDIUM | ||
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2023-39929 | 2024-05-17 | N/A | 6.7 MEDIUM | ||
Uncontrolled search path in some Libva software maintained by Intel(R) before version 2.20.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2024-5051 | 2024-05-17 | 6.5 MEDIUM | 6.3 MEDIUM | ||
A vulnerability has been found in SourceCodester Gas Agency Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file edituser.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-264748. | |||||
CVE-2024-32720 | 2024-05-17 | N/A | 5.3 MEDIUM | ||
Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Appointment Hour Booking allows Removing Important Client Functionality.This issue affects Appointment Hour Booking: from n/a through 1.4.56. | |||||
CVE-2024-5048 | 2024-05-17 | 6.5 MEDIUM | 6.3 MEDIUM | ||
A vulnerability classified as critical was found in code-projects Budget Management 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument edit leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-264745 was assigned to this vulnerability. | |||||
CVE-2024-5043 | 2024-05-17 | 5.8 MEDIUM | 4.7 MEDIUM | ||
A vulnerability was found in Emlog Pro 2.3.4 and classified as critical. Affected by this issue is some unknown functionality of the file admin/setting.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-264740. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
CVE-2024-34434 | 2024-05-17 | N/A | 6.5 MEDIUM | ||
Incorrect Authorization vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Code Inclusion, Functionality Misuse.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3.2. | |||||
CVE-2024-34756 | 2024-05-17 | N/A | 4.3 MEDIUM | ||
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Contact Form 7 HubSpot.This issue affects Integration for Contact Form 7 HubSpot: from n/a through 1.3.1. |