Tag: NVD
-
CVE-2024-2859 – By default, SANnav OVA is shipped with root user login enabled. While protected by a …
By default, SANnav OVA is shipped with root user login enabled. While protected by a password, access to root could expose SANnav to a …
-
CVE-2024-2258 – The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for …
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site …
-
CVE-2024-2838 – The WPC Composite Products for WooCommerce plugin for WordPress is vulnerable to Stored …
The WPC Composite Products for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the …
-
CVE-2024-3034 – The BackUpWordPress plugin for WordPress is vulnerable to Directory Traversal in all …
The BackUpWordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.13 via the …
-
CVE-2024-4245 – A vulnerability, which was classified as critical, has been found in Tenda i21 …
A vulnerability, which was classified as critical, has been found in Tenda i21 1.0.0.14(4656). Affected by this issue is the function …
-
CVE-2024-32651 – changedetection.io is an open source web page change detection, website watcher, restock …
changedetection.io is an open source web page change detection, website watcher, restock monitor and notification service. There is a …
-
CVE-2024-32868 – ZITADEL provides users the possibility to use Time-based One-Time-Password (TOTP) and …
ZITADEL provides users the possibility to use Time-based One-Time-Password (TOTP) and One-Time-Password (OTP) through SMS and Email. While …
-
CVE-2024-33661 – Portainer before 2.20.0 allows redirects when the target is not …
Portainer before 2.20.0 allows redirects when the target is not …
-
CVE-2024-33663 – python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key …
python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to …
-
CVE-2024-33664 – python-jose through 3.3.0 allows attackers to cause a denial of service (resource …
python-jose through 3.3.0 allows attackers to cause a denial of service (resource consumption) during a decode via a crafted JSON Web …
-
CVE-2022-48682 – In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file …
In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a …
-
CVE-2024-33665 – angular-translate through 2.19.1 allows XSS via a crafted key that is used by the …
angular-translate through 2.19.1 allows XSS via a crafted key that is used by the translate directive. NOTE: the vendor indicates that …
●●●