Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-52487 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebCodingPlace Ultimate Classified Listings allows Stored XSS.This issue affects Ultimate Classified Listings: from n/a through 1.4.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-52486 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SolverWP Elementor Portfolio Builder allows DOM-Based XSS.This issue affects Elementor Portfolio Builder: from n/a through 1.0.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-52479 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Ben Marshall Jobify - Job Board WordPress Theme allows Cross Site Request Forgery.This issue affects Jobify - Job Board WordPress Theme: from n/a through 4.2.3.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-52478 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ben Marshall Jobify - Job Board WordPress Theme allows Stored XSS.This issue affects Jobify - Job Board WordPress Theme: from n/a through 4.2.3.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-52003 |
Description: Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. There is a vulnerability in Traefik that allows the client to provide the X-Forwarded-Prefix header from an untrusted source. This issue has been addressed in versions 2.11.14 and 3.2.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS: MEDIUM (6.3) EPSS Score: 0.05%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-51900 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Richard K Miller What Would Seth Godin Do allows Stored XSS.This issue affects What Would Seth Godin Do: from n/a through 2.1.1.
CVSS: MEDIUM (5.9) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-49581 |
Description: Restricted Views backed objects (OSV1) could be bypassed under specific circumstances due to a software bug, this could have allowed users that didn't have permission to see such objects to view them via Object Explorer directly. This software bug did not impact or otherwise make data available across organizational boundaries nor did it allow for data to be viewed or accessed by unauthenticated users.
The affected service have been patched and automatically deployed to all Apollo-managed Foundry instances.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-38827 |
Description: The usage of String.toLowerCase() and String.toUpperCase() has some Locale dependent exceptions that could potentially result in authorization rules not working properly.
CVSS: MEDIUM (4.8) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-33053 |
Description: Memory corruption when multiple threads try to unregister the CVP buffer at the same time.
CVSS: MEDIUM (6.7) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-33040 |
Description: Memory corruption while invoking redundant release command to release one buffer from user space as race condition can occur in kernel space between buffer release and buffer access.
CVSS: MEDIUM (6.7) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|