8.2

CVSS4.0

CVE-2024-52269 - AI Assistant PDF Document Spoofing in DocuSign

User Interface (UI) Misrepresentation of Critical Information vulnerability in DocuSign allows Content Spoofing. The SaaS AI assistant ignores hidden content that is rendered after signing, misleading the user. For reference see:Β CVE-2024-52276 This issue affects DocuSign: through 2024-12-04.

πŸ“… Published: Dec. 4, 2024, 11:25 a.m. πŸ”„ Last Modified: Jan. 6, 2025, 6:15 p.m.

3.5

CVSS3.1

CVE-2024-54158 -

In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of Punycode encoding

πŸ“… Published: Dec. 4, 2024, 11:16 a.m. πŸ”„ Last Modified: Jan. 30, 2025, 9:50 p.m.

4.3

CVSS3.1

CVE-2024-54157 -

In JetBrains YouTrack before 2024.3.52635 potential ReDoS was possible due to vulnerable RegExp in Ruby syntax detector

πŸ“… Published: Dec. 4, 2024, 11:16 a.m. πŸ”„ Last Modified: Jan. 30, 2025, 9:47 p.m.

4.2

CVSS3.1

CVE-2024-54156 -

In JetBrains YouTrack before 2024.3.52635 multiple merge functions were vulnerable to prototype pollution attack

πŸ“… Published: Dec. 4, 2024, 11:16 a.m. πŸ”„ Last Modified: Jan. 30, 2025, 9:46 p.m.

3.7

CVSS3.1

CVE-2024-54155 -

In JetBrains YouTrack before 2024.3.51866 improper access control allowed listing of project names during app import without authentication

πŸ“… Published: Dec. 4, 2024, 11:16 a.m. πŸ”„ Last Modified: Jan. 31, 2025, 2:53 p.m.

8

CVSS3.1

CVE-2024-54154 -

In JetBrains YouTrack before 2024.3.51866 system takeover was possible through path traversal in plugin sandbox

πŸ“… Published: Dec. 4, 2024, 11:16 a.m. πŸ”„ Last Modified: Jan. 31, 2025, 2:51 p.m.

3.1

CVSS3.1

CVE-2024-54153 -

In JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible via vulnerable query parameter

πŸ“… Published: Dec. 4, 2024, 11:16 a.m. πŸ”„ Last Modified: Jan. 31, 2025, 2:43 p.m.

0.0

CVE-2024-52278 -

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

πŸ“… Published: Dec. 4, 2024, 11:15 a.m. πŸ”„ Last Modified: Dec. 4, 2024, 12:15 p.m.

6.4

CVSS3.1

CVE-2024-8962 - WPBITS Addons For Elementor Page Builder <= 1.5.2 - Authenticated (Author+) Stored Cross-Site Scrip…

The WPBITS Addons For Elementor Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author…

πŸ“… Published: Dec. 4, 2024, 11:08 a.m. πŸ”„ Last Modified: July 12, 2025, 10:16 p.m.

6.4

CVSS3.1

CVE-2024-11854 - Listdom – Business Directory and Classified Ads Listings WordPress Plugin <= 3.7.0 - Authenticated …

The Listdom – Business Directory and Classified Ads Listings WordPress Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the β€˜shortcode’ parameter in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output escaping. This makes it possibl…

πŸ“… Published: Dec. 4, 2024, 11:08 a.m. πŸ”„ Last Modified: Dec. 4, 2024, 2:09 p.m.
Total resulsts: 342307
Page 6939 of 34,231
Β« previous page Β» next page
Filters