8.8

CVSS3.1

CVE-2024-3516 -

Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

πŸ“… Published: April 10, 2024, 6:41 p.m. πŸ”„ Last Modified: March 13, 2025, 6:15 p.m.

8.1

CVSS3.1

CVE-2024-3157 -

Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: High)

πŸ“… Published: April 10, 2024, 6:41 p.m. πŸ”„ Last Modified: March 27, 2025, 4:15 p.m.

6.8

CVSS3.1

CVE-2024-31464 - XWiki Platform: Password hash might be leaked by diff once the xobject holding them is deleted

XWiki Platform is a generic wiki platform. Starting in version 5.0-rc-1 and prior to versions 14.10.19, 15.5.4, and 15.9-rc-1, it is possible to access the hash of a password by using the diff feature of the history whenever the object storing the password is deleted. Using that vulnerability it's …

πŸ“… Published: April 10, 2024, 6:14 p.m. πŸ”„ Last Modified: Jan. 9, 2025, 4:41 p.m.

5.3

CVSS3.1

CVE-2024-31242 - WordPress Bricksforge plugin <= 2.0.17 - Unauthenticated Arbitrary Email Sending vulnerability

Missing Authorization vulnerability in Bricksforge.This issue affects Bricksforge: from n/a through 2.0.17.

πŸ“… Published: April 10, 2024, 5:48 p.m. πŸ”„ Last Modified: April 28, 2026, 4:09 p.m.

5.3

CVSS3.1

CVE-2024-31230 - WordPress ShortPixel Adaptive Images plugin <= 3.8.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in ShortPixel ShortPixel Adaptive Images shortpixel-adaptive-images.This issue affects ShortPixel Adaptive Images: from n/a through <= 3.8.2.

πŸ“… Published: April 10, 2024, 5:46 p.m. πŸ”„ Last Modified: April 28, 2026, 12:10 p.m.

4.3

CVSS3.1

CVE-2024-31943 - WordPress USPS Shipping for WooCommerce plugin <= 1.9.2 - Cross Site Request Forgery (CSRF) vulnera…

Cross-Site Request Forgery (CSRF) vulnerability in Octolize USPS Shipping for WooCommerce – Live Rates.This issue affects USPS Shipping for WooCommerce – Live Rates: from n/a through 1.9.2.

πŸ“… Published: April 10, 2024, 5:41 p.m. πŸ”„ Last Modified: April 28, 2026, 4:09 p.m.

4.3

CVSS3.1

CVE-2024-31944 - WordPress WooCommerce UPS Shipping plugin <= 2.2.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Octolize WooCommerce UPS Shipping – Live Rates and Access Points.This issue affects WooCommerce UPS Shipping – Live Rates and Access Points: from n/a through 2.2.4.

πŸ“… Published: April 10, 2024, 5:39 p.m. πŸ”„ Last Modified: April 28, 2026, 4:09 p.m.

9.1

CVSS3.1

CVE-2024-31461 - Plane Server-Side Request Forgery (SSRF) Vulnerability

Plane, an open-source project management tool, has a Server-Side Request Forgery (SSRF) vulnerability in versions prior to 0.17-dev. This issue may allow an attacker to send arbitrary requests from the server hosting the application, potentially leading to unauthorized access to internal systems. T…

πŸ“… Published: April 10, 2024, 5:25 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.7

CVSS3.1

CVE-2024-31214 - Traccar's unrestricted file upload vulnerability in device image upload could lead to remote code e…

Traccar is an open source GPS tracking system. Traccar versions 5.1 through 5.12 allow arbitrary files to be uploaded through the device image upload API. Attackers have full control over the file contents, full control over the directory where the file is stored, full control over the file extensi…

πŸ“… Published: April 10, 2024, 5:20 p.m. πŸ”„ Last Modified: Jan. 9, 2025, 4:14 p.m.

5.4

CVSS3.1

CVE-2024-3570 - Stored XSS leading to Admin Account Takeover in mintplex-labs/anything-llm

A stored Cross-Site Scripting (XSS) vulnerability exists in the chat functionality of the mintplex-labs/anything-llm repository, allowing attackers to execute arbitrary JavaScript in the context of a user's session. By manipulating the ChatBot responses, an attacker can inject malicious scripts to …

πŸ“… Published: April 10, 2024, 5:08 p.m. πŸ”„ Last Modified: July 9, 2025, 7:38 p.m.
Total resulsts: 349182
Page 10330 of 34,919
Β« previous page Β» next page
Filters