Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-53743 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FlickDevs Countdown Timer for Elementor allows Stored XSS.This issue affects Countdown Timer for Elementor: from n/a through 1.3.6.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 2nd, 2024 (6 months ago)
|
|
CVE-2024-53742 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Prism I.T. Systems Multilevel Referral Affiliate Plugin for WooCommerce allows Reflected XSS.This issue affects Multilevel Referral Affiliate Plugin for WooCommerce: from n/a through 2.27.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 2nd, 2024 (6 months ago)
|
|
CVE-2024-43703 |
Description: Software installed and run as a non-privileged user may conduct improper GPU system calls to achieve unauthorised reads and writes of physical memory from the GPU HW.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 2nd, 2024 (6 months ago)
|
|
CVE-2024-43702 |
Description: Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 2nd, 2024 (6 months ago)
|
|
CVE-2024-39712 |
Description: Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
CVSS: CRITICAL (9.1) EPSS Score: 0.04%
December 2nd, 2024 (6 months ago)
|
|
CVE-2024-39711 |
Description: Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
CVSS: CRITICAL (9.1) EPSS Score: 0.04%
December 2nd, 2024 (6 months ago)
|
|
CVE-2024-39710 |
Description: Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
CVSS: CRITICAL (9.1) EPSS Score: 0.04%
December 2nd, 2024 (6 months ago)
|
|
CVE-2024-38656 |
Description: Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
CVSS: CRITICAL (9.1) EPSS Score: 0.04%
December 2nd, 2024 (6 months ago)
|
|
CVE-2024-12007 |
Description: A vulnerability, which was classified as critical, was found in code-projects Farmacia 1.0. This affects an unknown part of the file /visualizar-produto.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Es wurde eine kritische Schwachstelle in code-projects Farmacia 1.0 gefunden. Hiervon betroffen ist ein unbekannter Codeblock der Datei /visualizar-produto.php. Durch das Manipulieren des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung.
CVSS: MEDIUM (5.3) EPSS Score: 0.06%
December 2nd, 2024 (6 months ago)
|
|
CVE-2024-53786 |
WordPress Cowidgets – Elementor Addons plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeless Cowidgets – Elementor Addons allows Stored XSS.This issue affects Cowidgets – Elementor Addons: from n/a through 1.2.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 1st, 2024 (6 months ago)
|