6.4
CVE-2024-8108 - Share This Image <= 2.01 - Authenticated (Contributor+) Stored Cross-Site Scripting via alignment Pβ¦
The Share This Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alignment' parameter in all versions up to, and including, 2.01 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acceβ¦
5.3
CVE-2022-4100 - WP Cerber Security <= 9.4 - IP Protection Bypass
The WP Cerber Security plugin for WordPress is vulnerable to IP Protection bypass in versions up to, and including 9.4 due to the plugin improperly checking for a visitor's IP address. This makes it possible for an attacker whose IP address has been blocked to bypass this control by setting the X-Fβ¦
4.4
CVE-2024-0111 - NVIDIA CUDA Toolkit: Denial of service in NVIDIA CUDA
NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' where a user may cause a crash or produce incorrect output by passing a malformed ELF file. A successful exploit of this vulnerability may lead to a limited denial of service or data tampering.
4.4
CVE-2024-0110 - NVIDIA CUDA Toolkit: code execution or denial of service in NVIDIA CUDA
NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may lead to code execution or denial of service.
3.3
CVE-2024-0109 - NVIDIA CUDA Toolkit: Denial of service in NVIDIA CUDA
NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful exploit of this vulnerability may cause an out of bounds read in the unprivileged process memory which could lead to a limited denial of service.
6.7
CVE-2024-39579 -
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contains an incorrect privilege assignment vulnerability. A local high privileged attacker could potentially exploit this vulnerability to gain root-level access.
6.4
CVE-2024-8276 - WPZOOM Portfolio Lite β Filterable Portfolio Plugin <= 1.4.4 - Authenticated (Contributor+) Stored β¦
The WPZOOM Portfolio Lite β Filterable Portfolio Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the βalignβ attribute within the 'wp:wpzoom-blocks' Gutenberg block in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. Tβ¦
6.3
CVE-2024-39578 -
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.
6.1
CVE-2024-3886 - tagDiv Composer <= 5.0 - Reflected Cross-Site Scripting via envato_code[]
The tagDiv Composer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the βenvato_code[]β parameter in all versions up to, and including, 5.0 due to insufficient input sanitization and output escaping within the on_ajax_check_envato_code function. This makes it possible for uβ¦
6.1
CVE-2024-5212 - tagDiv Composer <= 5.0 - Reflected Cross-Site Scripting via envato_code[]
The tagDiv Composer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the βenvato_code[]β parameter in all versions up to, and including, 5.0 due to insufficient input sanitization and output escaping within the on_ajax_register_forum_user function. This makes it possible forβ¦