7.7
CVE-2024-10397 - Preallocated buffer overflows in XDR responses
A malicious server can crash the OpenAFS cache manager and other clientΒ utilities, and possibly execute arbitrary code.
6.5
CVE-2024-10396 - Fileserver crash and possible information leak on StoreACL/FetchACL
An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninitialized memory, and possibly store garbage data in the audit log. Malformed ACLs provided in responses to client FetchACL RPCs can cause client processes to craβ¦
8.4
CVE-2024-10394 - Theft of credentials in Unix client PAGs
A local user can bypass the OpenAFS PAG (Process Authentication Group) throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user stealΒ the credentials in that PAG.
7.5
CVE-2024-3760 - Email Bombing Vulnerability in lunary-ai/lunary
In lunary-ai/lunary version 1.2.7, there is a lack of rate limiting on the forgot password page, leading to an email bombing vulnerability. Attackers can exploit this by automating forgot password requests to flood targeted user accounts with a high volume of password reset emails. This not only ovβ¦
0.0
CVE-2024-52369 - WordPress KBucket plugin <= 4.2.2 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Optimal Access KBucket kbucket allows Upload a Web Shell to a Web Server.This issue affects KBucket: from n/a through <= 4.2.2.
0.0
CVE-2024-52370 - WordPress Hive Support β WordPress Help Desk, Live Chat & AI Chat Bot Plugin for WordPress plugin <β¦
Unrestricted Upload of File with Dangerous Type vulnerability in Hive Support Hive Support hive-support allows Upload a Web Shell to a Web Server.This issue affects Hive Support: from n/a through <= 1.1.1.
0.0
CVE-2024-52372 - WordPress Easy CSV Importer plugin <= 7.0.0 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in WebTechGlobal Easy CSV Importer BETA easy-csv-importer allows Upload a Web Shell to a Web Server.This issue affects Easy CSV Importer BETA: from n/a through <= 7.0.0.
0.0
CVE-2024-52373 - WordPress Devexhub Gallery plugin <= 2.0.1 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Team Devexhub Devexhub Gallery devexhub-gallery allows Upload a Web Shell to a Web Server.This issue affects Devexhub Gallery: from n/a through <= 2.0.1.
0.0
CVE-2024-52374 - WordPress Do That Task plugin <= 1.5.5 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in DoThatTask Do That Task do-that-task allows Upload a Web Shell to a Web Server.This issue affects Do That Task: from n/a through <= 1.5.5.
0.0
CVE-2024-52375 - WordPress Datasets Manager by Arttia Creative plugin <= 1.5 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Arttia Creative Datasets Manager by Arttia Creative datasets-manager-by-arttia-creative.This issue affects Datasets Manager by Arttia Creative: from n/a through <= 1.5.