6.4

CVSS3.1

CVE-2024-13399 - Gosign – Posts Slider Block <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Gosign – Posts Slider Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'posts-slider-block' block in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contr…

πŸ“… Published: Jan. 31, 2025, 2:24 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

4.9

CVSS3.1

CVE-2023-0092 -

An authenticated user who has read access to the juju controller model, may construct a remote request to download an arbitrary file from the controller's filesystem.

πŸ“… Published: Jan. 31, 2025, 1:41 a.m. πŸ”„ Last Modified: Aug. 26, 2025, 5:48 p.m.

0.0

CVE-2025-0919 -

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-0818. Reason: This candidate is a reservation duplicate of CVE-2025-0818. Notes: All CVE users should reference CVE-2025-0818 instead of this candidate. All references and descriptions in this candidate have been removed to prevent…

πŸ“… Published: Jan. 31, 2025, 1:33 a.m. πŸ”„ Last Modified: Feb. 12, 2025, 5:15 p.m.

0.0

CVE-2024-13817 -

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.

πŸ“… Published: Jan. 31, 2025, 1:21 a.m. πŸ”„ Last Modified: Jan. 31, 2025, 3:15 a.m.

3.1

CVSS3.1

CVE-2020-11936 -

gdbus setgid privilege escalation

πŸ“… Published: Jan. 31, 2025, 1:18 a.m. πŸ”„ Last Modified: Aug. 26, 2025, 5:49 p.m.

7.5

CVSS3.1

CVE-2022-28653 -

Users can consume unlimited disk space in /var/crash

πŸ“… Published: Jan. 31, 2025, 12:50 a.m. πŸ”„ Last Modified: Aug. 26, 2025, 5:49 p.m.

8.8

CVSS3.1

CVE-2024-23921 - ChargePoint Home Flex Command Injection

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the wlanapp module. The issue results from the lack of …

πŸ“… Published: Jan. 31, 2025, 12:17 a.m. πŸ”„ Last Modified: July 1, 2025, 2:15 p.m.

8.8

CVSS3.1

CVE-2024-23920 - ChargePoint Home Flex Improper Access Control

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the onboardee module. The issue results from improper a…

πŸ“… Published: Jan. 31, 2025, 12:15 a.m. πŸ”„ Last Modified: July 1, 2025, 2:15 p.m.

7.3

CVSS3.1

CVE-2024-23929 - Pioneer DMH-WT7600NEX Telematics Directory Traversal

This vulnerability allows network-adjacent attackers to create arbitrary files on affected installations of Pioneer DMH-WT7600NEX devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the t…

πŸ“… Published: Jan. 31, 2025, 12:13 a.m. πŸ”„ Last Modified: July 1, 2025, 2:15 p.m.

6.5

CVSS3.1

CVE-2024-23928 - Pioneer DMH-WT7600NEX Telematics Improper Certificate Validation

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the telematics functionality, which o…

πŸ“… Published: Jan. 31, 2025, 12:09 a.m. πŸ”„ Last Modified: July 9, 2025, 3:22 p.m.
Total resulsts: 349182
Page 6895 of 34,919
Β« previous page Β» next page
Filters