5.3
CVE-2024-43259 - WordPress Order Export for WooCommerce plugin <= 3.23 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in WebFactory Order Export for WooCommerce order-export-and-more-for-woocommerce.This issue affects Order Export for WooCommerce: from n/a through <= 3.23.
5.3
CVE-2024-43264 - WordPress Create by Mediavine plugin <= 1.9.8 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in mischiefmarmot Create by Mediavine mediavine-create.This issue affects Create by Mediavine: from n/a through <= 1.9.8.
0.0
CVE-2024-8188 -
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
4.5
CVE-2024-43802 - heap-buffer-overflow in ins_typebuf() in Vim < 9.1.0697
Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check whether there is enough space left in the buffer to handle the next characters. So this may lead to the tb_off position within the tyβ¦
6.5
CVE-2024-43806 - `rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion
Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using `rustix::fs::Dir` using the `linux_raw` backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in `rustix::fs::Dir::read_more`, this can cause quick and β¦
0.0
CVE-2024-45295 -
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-45294. Reason: This candidate is a duplicate of CVE-2024-45294. Notes: All CVE users should reference CVE-2024-45294 instead of this candidate. This CVE was issued to a vulnerability that is dependent on CVE-2024-45294. According tβ¦
8.5
CVE-2024-7401 - Client Enrollment Process Bypass
Netskope was notified about a security gap in Netskope Client enrollment process where NSClient is using a static token βOrgkeyβ as authentication parameter. Since this is a static token, if leaked, cannot be rotated or revoked. A malicious actor can use this token to enroll NSClient from a customeβ¦
6.9
CVE-2024-8174 - code-projects Blood Bank System Login Page login.php cross site scripting
A vulnerability has been found in code-projects Blood Bank System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login.php of the component Login Page. The manipulation of the argument user leads to cross site scripting. The attack can be β¦
5.3
CVE-2024-43283 - WordPress Contest Gallery plugin <= 23.1.2 - Unauthenticated Comment UserID And IP address Disclosuβ¦
Insertion of Sensitive Information Into Sent Data vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through <= 23.1.2.
7.5
CVE-2024-43289 - WordPress wpForo Forum plugin <= 2.3.4 - Unauthenticated Sensitive Data Exposure vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in gVectors Team wpForo Forum.This issue affects wpForo Forum: from n/a through 2.3.4.