7.1

CVSS3.1

CVE-2024-33526 -

A Stored Cross-site Scripting (XSS) vulnerability in the "Import of user role and title of user role" feature in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with administrative privileges to inject arbitrary web script or HTML via XML file upload.

πŸ“… Published: May 21, 2024, 2:52 p.m. πŸ”„ Last Modified: June 4, 2025, 5:27 p.m.

7.2

CVSS3.1

CVE-2024-33529 -

ILIAS 7 before 7.30 and ILIAS 8 before 8.11 as well as ILIAS 9.0 allow remote authenticated attackers with administrative privileges to execute operating system commands via file uploads with dangerous types.

πŸ“… Published: May 21, 2024, 2:46 p.m. πŸ”„ Last Modified: June 4, 2025, 5:27 p.m.

4.7

CVSS3.1

CVE-2024-33528 -

A Stored Cross-site Scripting (XSS) vulnerability in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with tutor privileges to inject arbitrary web script or HTML via XML file upload.

πŸ“… Published: May 21, 2024, 2:44 p.m. πŸ”„ Last Modified: June 4, 2025, 5:27 p.m.

6.4

CVSS3.1

CVE-2024-4452 - ElementsKit Pro <= 3.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the β€˜url’ parameter in versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions an…

πŸ“… Published: May 21, 2024, 1:51 p.m. πŸ”„ Last Modified: April 8, 2026, 6:21 p.m.

4.2

CVSS3.1

CVE-2024-35218 - Umbraco CMS Vulnerable to Stored XSS on Content Page Through Markdown Editor Preview Pane

Umbraco CMS is an ASP.NET CMS used by more than 730.000 websites. Stored Cross-site scripting (XSS) enable attackers that have access to backoffice to bring malicious content into a website or application. This vulnerability has been patched in version(s) 8.18.13, 10.8.4, 12.3.7, 13.1.1 by implemen…

πŸ“… Published: May 21, 2024, 1:42 p.m. πŸ”„ Last Modified: Feb. 12, 2025, 5:46 p.m.

4.3

CVSS3.1

CVE-2024-35385 -

An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_mk_ffi_sig function in the mjs.c file.

πŸ“… Published: May 21, 2024, 1:39 p.m. πŸ”„ Last Modified: May 5, 2025, 5:19 p.m.

5.5

CVSS3.1

CVE-2024-35384 -

An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_array_length function in the mjs.c file.

πŸ“… Published: May 21, 2024, 1:38 p.m. πŸ”„ Last Modified: May 5, 2025, 5:20 p.m.

7.5

CVSS3.1

CVE-2024-35386 -

An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_do_gc function in the mjs.c file.

πŸ“… Published: May 21, 2024, 1:36 p.m. πŸ”„ Last Modified: May 5, 2025, 5:15 p.m.

10

CVSS3.1

CVE-2023-3943 - Multiple buffer overflow in ZkTeco-based OEM devices

Stack-based Buffer Overflow vulnerability in ZkTeco-based OEM devices allows, in some cases, the execution of arbitrary code. Due to the lack of protection mechanisms such as stack canaries and PIE, it is possible to successfully execute code even under restrictive conditions. This issue affects …

πŸ“… Published: May 21, 2024, 1:32 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 8:18 a.m.

6.1

CVSS3.1

CVE-2024-34071 - Open Redirect Bypass Protection

Umbraco is an ASP.NET CMS used by more than 730.000 websites. Umbraco has an endpoint that is vulnerable to open redirects. The endpoint is protected so it requires the user to be signed into backoffice before the vulnerable is exposed. This vulnerability has been patched in version(s) 8.18.14, 10.…

πŸ“… Published: May 21, 2024, 1:31 p.m. πŸ”„ Last Modified: Feb. 12, 2025, 3:39 p.m.
Total resulsts: 343928
Page 9193 of 34,393
Β« previous page Β» next page
Filters