4.9
CVE-2019-25218 - Photo Gallery Slideshow & Masonry Tiled Gallery <= 1.0.3 - Authenticated (Admin+) SQL Injection
The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This β¦
6.1
CVE-2024-9219 - WordPress Social Share Buttons <= 1.19 - Reflected Cross-Site Scripting
The WordPress Social Share Buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.19. This makes it possible for unauthenticated attackers to inject arbitrary web scβ¦
7.8
CVE-2024-29213 -
Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with elevated privileges due to insecure ACL via unspecified attack vector.
7.8
CVE-2024-29821 -
Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with elevated privileges due to insecure ACL via unspecified attack vector.
8.8
CVE-2024-37404 -
Improper Input Validation in the admin portal of Ivanti Connect Secure before 22.7R2.1 and 9.1R18.9, or Ivanti Policy Secure before 22.7R1.1 allows a remote authenticated attacker to achieve remote code execution.
4.3
CVE-2024-43577 - Microsoft Edge (Chromium-based) Spoofing Vulnerability
Microsoft Edge (Chromium-based) Spoofing Vulnerability
8.7
CVE-2024-10130 - Tenda AC8 SetSysAutoRebbotCfg formSetRebootTimer stack-based overflow
A vulnerability classified as critical was found in Tenda AC8 16.03.34.06. This vulnerability affects the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack can be initiated remotely. The β¦
5.3
CVE-2024-10129 - HFO4 shudong-share Share create_share.php sql injection
A vulnerability classified as critical has been found in HFO4 shudong-share up to 2.4.7. This affects an unknown part of the file /includes/create_share.php of the component Share Handler. The manipulation of the argument fkey leads to sql injection. It is possible to initiate the attack remotely. β¦
5.1
CVE-2024-10128 - Topdata Inner Rep Plus WebServer td.js.gz risky encryption
A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as problematic. Affected by this issue is some unknown functionality of the file td.js.gz. The manipulation leads to risky cryptographic algorithm. The attack may be launched remotely. The exploit has been disclosβ¦
8.7
CVE-2024-10123 - Tenda AC8 saveParentControlInfo compare_parentcontrol_time stack-based overflow
A vulnerability was found in Tenda AC8 16.03.34.06. It has been declared as critical. Affected by this vulnerability is the function compare_parentcontrol_time of the file /goform/saveParentControlInfo. The manipulation of the argument time leads to stack-based buffer overflow. The attack can be laβ¦