4.3

CVSS3.1

CVE-2024-3825 - CSRF in BlazeMeter Jenkins plugin

Versions of the BlazeMeter Jenkins plugin prior to 4.22 contain a flaw which results in credential enumeration

πŸ“… Published: April 17, 2024, 3:03 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

4.1

CVSS3.1

CVE-2024-29035 - Umbraco's Blind SSRF Leads to Port Scan by using Webhooks

Umbraco is an ASP.NET CMS. Failing webhooks logs are available when solution is not in debug mode. Those logs can contain information that is critical. This vulnerability is fixed in 13.1.1.

πŸ“… Published: April 17, 2024, 2:20 p.m. πŸ”„ Last Modified: Feb. 12, 2025, 3:26 p.m.

5.3

CVSS3.1

CVE-2023-43491 -

An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigger thi…

πŸ“… Published: April 17, 2024, 12:55 p.m. πŸ”„ Last Modified: Nov. 4, 2025, 7:15 p.m.

5.3

CVSS3.1

CVE-2023-45209 -

An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to trigge…

πŸ“… Published: April 17, 2024, 12:55 p.m. πŸ”„ Last Modified: Nov. 4, 2025, 7:15 p.m.

8.3

CVSS3.1

CVE-2023-45744 -

A data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to configuration modification. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.

πŸ“… Published: April 17, 2024, 12:55 p.m. πŸ”„ Last Modified: Nov. 4, 2025, 7:16 p.m.

9.1

CVSS3.1

CVE-2023-39367 -

An OS command injection vulnerability exists in the web interface mac2name functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

πŸ“… Published: April 17, 2024, 12:55 p.m. πŸ”„ Last Modified: Nov. 4, 2025, 7:15 p.m.

6.8

CVSS3.1

CVE-2023-40146 -

A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a limited-shell escape and elevated capabilities. An attacker can authenticate with hard-coded credentials and execute unblocke…

πŸ“… Published: April 17, 2024, 12:55 p.m. πŸ”„ Last Modified: Nov. 4, 2025, 7:15 p.m.

6.4

CVSS3.1

CVE-2023-6805 - RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator <= 4.4…

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 4.4.7 via the fetch_feed functionality. This makes it possible for authenticated attackers, …

πŸ“… Published: April 17, 2024, 12:54 p.m. πŸ”„ Last Modified: April 8, 2026, 4:49 p.m.

8.8

CVSS3.1

CVE-2024-3910 - Tenda AC500 DhcpListClient fromDhcpListClient stack-based overflow

A vulnerability, which was classified as critical, has been found in Tenda AC500 2.0.1.9(1307). Affected by this issue is the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remote…

πŸ“… Published: April 17, 2024, noon πŸ”„ Last Modified: Jan. 21, 2025, 5:57 p.m.

6.4

CVSS3.1

CVE-2024-3333 - Essential Addons for Elementor <= 5.9.14 - Authenticated (Contributor+) Store Cross-Site Scripting …

The Essential Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL attributes of widgets in all versions up to, and including, 5.9.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for auth…

πŸ“… Published: April 17, 2024, 11:34 a.m. πŸ”„ Last Modified: April 8, 2026, 7:21 p.m.
Total resulsts: 349182
Page 10229 of 34,919
Β« previous page Β» next page
Filters