4.8

CVSS3.1

CVE-2024-10555 - MaxButtons < 9.8.1 - Admin+ Stored XSS via Button Width

The WordPress Button Plugin MaxButtons WordPress plugin before 9.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisit…

πŸ“… Published: Dec. 20, 2024, 6 a.m. πŸ”„ Last Modified: May 14, 2025, 4:41 p.m.

5.4

CVSS3.1

CVE-2024-5955 -

Cross-site scripting vulnerability in Trellix ePolicy Orchestrator prior to ePO 5.10 Service Pack 1 Update 3 allows a remote authenticated attacker to craft requests causing arbitrary content to be injected into the response when accessing the epolicy Orchestrator.

πŸ“… Published: Dec. 20, 2024, 5:53 a.m. πŸ”„ Last Modified: Dec. 20, 2024, 5:37 p.m.

7.7

CVSS4.0

CVE-2024-21549 -

Versions of the package spatie/browsershot before 5.0.3 are vulnerable to Improper Input Validation due to improper URL validation through the setUrl method. An attacker can exploit this vulnerability by utilizing view-source:file://, which allows for arbitrary file reading on a local file. **Note…

πŸ“… Published: Dec. 20, 2024, 5 a.m. πŸ”„ Last Modified: Oct. 1, 2025, 10:57 a.m.

5.5

CVSS3.1

CVE-2024-44298 -

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.1. An app may be able to access information about a user's contacts.

πŸ“… Published: Dec. 20, 2024, 4:06 a.m. πŸ”„ Last Modified: April 2, 2026, 6:22 p.m.

5.5

CVSS3.1

CVE-2024-44293 -

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.1. A user may be able to view sensitive user information.

πŸ“… Published: Dec. 20, 2024, 4:06 a.m. πŸ”„ Last Modified: April 2, 2026, 6:22 p.m.

7.5

CVSS3.1

CVE-2024-44211 -

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data.

πŸ“… Published: Dec. 20, 2024, 4:06 a.m. πŸ”„ Last Modified: April 2, 2026, 6:21 p.m.

7.5

CVSS3.1

CVE-2024-44231 -

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. A person with physical access to a Mac may be able to bypass Login Window during a software update.

πŸ“… Published: Dec. 20, 2024, 4:06 a.m. πŸ”„ Last Modified: April 2, 2026, 6:20 p.m.

5.5

CVSS3.1

CVE-2024-44292 -

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.1. An app may be able to access sensitive user data.

πŸ“… Published: Dec. 20, 2024, 4:06 a.m. πŸ”„ Last Modified: April 2, 2026, 6:17 p.m.

7.5

CVSS3.1

CVE-2024-44195 -

A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.1. An app may be able to read arbitrary files.

πŸ“… Published: Dec. 20, 2024, 4:06 a.m. πŸ”„ Last Modified: April 2, 2026, 6:12 p.m.

4.6

CVSS3.1

CVE-2024-44223 -

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. An attacker with physical access to a Mac may be able to view protected content from the Login Window.

πŸ“… Published: Dec. 20, 2024, 4:06 a.m. πŸ”„ Last Modified: April 2, 2026, 6:11 p.m.
Total resulsts: 344055
Page 6891 of 34,406
Β« previous page Β» next page
Filters