6.1

CVSS3.1

CVE-2024-8714 - WordPress Affiliates Plugin β€” SliceWP Affiliates <= 1.1.20 - Reflected Cross-Site Scripting

The WordPress Affiliates Plugin β€” SliceWP Affiliates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.1.20. This makes it possible for unauthenticated attackers to …

πŸ“… Published: Sept. 13, 2024, 3:10 p.m. πŸ”„ Last Modified: April 8, 2026, 4:49 p.m.

6.1

CVSS3.1

CVE-2024-8732 - Roles & Capabilities <= 1.1.9 - Reflected Cross-Site Scripting

The Roles & Capabilities plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.1.9. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in …

πŸ“… Published: Sept. 13, 2024, 3:10 p.m. πŸ”„ Last Modified: April 8, 2026, 6:22 p.m.

6.4

CVSS3.1

CVE-2024-5789 - Triton Lite <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Shortcode

The Triton Lite theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' attribute within the theme's Button shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with…

πŸ“… Published: Sept. 13, 2024, 3:10 p.m. πŸ”„ Last Modified: April 8, 2026, 4:33 p.m.

7.8

CVSS3.1

CVE-2024-43760 - Photoshop Desktop | Out-of-bounds Write (CWE-787)

Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

πŸ“… Published: Sept. 13, 2024, 9:37 a.m. πŸ”„ Last Modified: Sept. 18, 2024, 2:12 p.m.

7.8

CVSS3.1

CVE-2024-45109 - Photoshop Desktop | Out-of-bounds Write (CWE-787)

Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

πŸ“… Published: Sept. 13, 2024, 9:37 a.m. πŸ”„ Last Modified: Sept. 18, 2024, 2:13 p.m.

7.8

CVSS3.1

CVE-2024-43756 - Photoshop Desktop | Heap-based Buffer Overflow (CWE-122)

Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

πŸ“… Published: Sept. 13, 2024, 9:37 a.m. πŸ”„ Last Modified: Sept. 18, 2024, 2:14 p.m.

7.8

CVSS3.1

CVE-2024-45108 - Photoshop Desktop | Out-of-bounds Write (CWE-787)

Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

πŸ“… Published: Sept. 13, 2024, 9:37 a.m. πŸ”„ Last Modified: Sept. 18, 2024, 2:14 p.m.

9.8

CVSS3.1

CVE-2024-41874 - ColdFusion | Deserialization of Untrusted Data (CWE-502)

ColdFusion versions 2023.9, 2021.15 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability by providing crafted input to the application, which when …

πŸ“… Published: Sept. 13, 2024, 9:18 a.m. πŸ”„ Last Modified: Sept. 16, 2024, 12:56 p.m.

7.5

CVSS3.1

CVE-2024-45113 - ColdFusion | Improper Authentication (CWE-287)

ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gain unauthorized access and affect the integrity of the application. Exploitation of this issue does n…

πŸ“… Published: Sept. 13, 2024, 9:18 a.m. πŸ”„ Last Modified: Sept. 16, 2024, 12:56 p.m.

7.8

CVSS3.1

CVE-2024-41869 - Acrobat Reader | Use After Free (CWE-416)

Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open…

πŸ“… Published: Sept. 13, 2024, 8:58 a.m. πŸ”„ Last Modified: Sept. 19, 2024, 3:09 p.m.
Total resulsts: 349182
Page 8571 of 34,919
Β« previous page Β» next page
Filters