Total
276535 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-37372 | 2025-01-09 | N/A | ||
| The Permission Model assumes that any path starting with two backslashes \ has a four-character prefix that can be ignored, which is not always true. This subtle bug leads to vulnerable edge cases. | ||||
| CVE-2023-28120 | 1 Redhat | 1 Logging | 2025-01-09 | 6.1 Medium |
| There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input. | ||||
| CVE-2024-5610 | 2025-01-08 | N/A | ||
| loading template... | ||||
| CVE-2023-34258 | 1 Bmc | 1 Patrol | 2025-01-08 | 7.5 High |
| An issue was discovered in BMC Patrol before 22.1.00. The agent's configuration can be remotely queried. This configuration contains the Patrol account password, encrypted with a default AES key. This account can then be used to achieve remote code execution. | ||||
| CVE-2023-29551 | 1 Mozilla | 2 Firefox, Focus | 2025-01-08 | 8.8 High |
| Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112. | ||||
| CVE-2022-43462 | 1 Ip Blacklist Cloud Project | 1 Ip Blacklist Cloud | 2025-01-08 | 9.1 Critical |
| Auth. SQL Injection (SQLi) vulnerability in Adeel Ahmed's IP Blacklist Cloud plugin <= 5.00 versions. | ||||
| CVE-2023-23824 | 1 Wp Topbar Project | 1 Wp Topbar | 2025-01-08 | 6.7 Medium |
| Auth. SQL Injection (SQLi) vulnerability in WP-TopBar <= 5.36 versions. | ||||
| CVE-2022-47615 | 1 Thimpress | 1 Learnpress | 2025-01-08 | 9.3 Critical |
| Local File Inclusion vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions. | ||||
| CVE-2022-45808 | 1 Thimpress | 1 Learnpress | 2025-01-08 | 9.9 Critical |
| SQL Injection vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions. | ||||
| CVE-2022-31474 | 1 Ithemes | 1 Backupbuddy | 2025-01-08 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in iThemes BackupBuddy allows Path Traversal.This issue affects BackupBuddy: from 8.5.8.0 through 8.7.4.1. | ||||
| CVE-2022-38074 | 1 Veronalabs | 1 Wp Statistics | 2025-01-08 | 9.9 Critical |
| SQL Injection vulnerability in VeronaLabs WP Statistics plugin <= 13.2.10 versions. | ||||
| CVE-2022-47605 | 1 Kunalnagar | 1 Custom 404 Pro | 2025-01-08 | 8.3 High |
| Auth. SQL Injection') vulnerability in Kunal Nagar Custom 404 Pro plugin <= 3.7.0 versions. | ||||
| CVE-2023-30869 | 1 Sandhillsdev | 1 Easy Digital Downloads | 2025-01-08 | 9.8 Critical |
| Improper Authentication vulnerability in Easy Digital Downloads plugin allows unauth. Privilege Escalation. This issue affects Easy Digital Downloads: from 3.1 through 3.1.1.4.1. | ||||
| CVE-2023-32243 | 1 Wpdeveloper | 1 Essential Addons For Elementor | 2025-01-08 | 9.8 Critical |
| Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1. | ||||
| CVE-2022-47167 | 1 Crayon Syntax Highlighter Project | 1 Crayon Syntax Highlighter | 2025-01-08 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Aram Kocharyan Crayon Syntax Highlighter plugin <= 2.8.4 versions. | ||||
| CVE-2022-45376 | 1 Xootix | 1 Side Cart Woocommerce | 2025-01-08 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in XootiX Side Cart Woocommerce (Ajax) < 2.1 versions. | ||||
| CVE-2022-45079 | 1 Loginizer | 1 Loginizer | 2025-01-08 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions. | ||||
| CVE-2022-45076 | 1 Webmat | 1 Flexible Elementor Panel | 2025-01-08 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WebMat Flexible Elementor Panel plugin <= 2.3.8 versions. | ||||
| CVE-2022-44739 | 1 Thingsforrestaurants | 1 Quick Restaurant Reservations | 2025-01-08 | 5.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ThingsForRestaurants Quick Restaurant Reservations plugin <= 1.5.4 versions. | ||||
| CVE-2022-41608 | 1 Asgaros | 1 Asgaros Forum | 2025-01-08 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Thomas Belser Asgaros Forum plugin <= 2.2.0 versions. | ||||