Total
277502 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-40125 | 2 Closed-loop, Closedlooptechnology | 2 Cless Server, Cless Server | 2024-09-25 | 9.8 Critical |
| An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology CLESS Server v4.5.2 allows attackers to execute arbitrary code via uploading a crafted PHP file to the upload endpoint. | ||||
| CVE-2024-45452 | 1 Cryoutcreations | 1 Septera | 2024-09-25 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Septera septera allows Stored XSS.This issue affects Septera: from n/a through 1.5.1. | ||||
| CVE-2024-43970 | 1 Surecart | 1 Surecart | 2024-09-25 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SureCart allows Reflected XSS.This issue affects SureCart: from n/a through 2.29.3. | ||||
| CVE-2024-43971 | 1 Sunshinephotocart | 1 Sunshine Photo Cart | 2024-09-25 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Sunshine Sunshine Photo Cart allows Reflected XSS.This issue affects Sunshine Photo Cart: from n/a through 3.2.5. | ||||
| CVE-2024-43972 | 1 Pagelayer | 1 Pagelayer | 2024-09-25 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pagelayer Team PageLayer allows Stored XSS.This issue affects PageLayer: from n/a through 1.8.7. | ||||
| CVE-2024-43975 | 1 Superstorefinder | 1 Super Store Finder | 2024-09-25 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in highwarden Super Store Finder allows Cross-Site Scripting (XSS).This issue affects Super Store Finder: from n/a through 6.9.7. | ||||
| CVE-2024-43983 | 1 Podlove | 1 Podlove Podcast Publisher | 2024-09-25 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Podlove Podlove Podcast Publisher allows Stored XSS.This issue affects Podlove Podcast Publisher: from n/a through 4.1.13. | ||||
| CVE-2024-43987 | 1 Wayneconnor | 1 Sliding Door | 2024-09-25 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wayneconnor Sliding Door allows Stored XSS.This issue affects Sliding Door: from n/a through 3.6. | ||||
| CVE-2024-43988 | 1 Digitalnature | 1 Mystique | 2024-09-25 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in digitalnature Mystique allows Stored XSS.This issue affects Mystique: from n/a through 2.5.7. | ||||
| CVE-2024-43991 | 1 Webdzier | 1 Hotel Galaxy | 2024-09-25 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in webdzier Hotel Galaxy allows Stored XSS.This issue affects Hotel Galaxy: from n/a through 4.4.24. | ||||
| CVE-2024-8944 | 2 Code-projects, Fabianros | 2 Hospital Management System, Hospital Management System | 2024-09-25 | 7.3 High |
| A vulnerability, which was classified as critical, was found in code-projects Hospital Management System 1.0. This affects an unknown part of the file check_availability.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-43992 | 1 Latepoint | 1 Latepoint | 2024-09-25 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Latepoint LatePoint allows Stored XSS.This issue affects LatePoint: from n/a through 4.9.91. | ||||
| CVE-2024-43993 | 1 Cryoutcreations | 1 Liquido | 2024-09-25 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Liquido allows Stored XSS.This issue affects Liquido: from n/a through 1.0.1.2. | ||||
| CVE-2024-40856 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-09-25 | 7.5 High |
| An integrity issue was addressed with Beacon Protection. This issue is fixed in iOS 18 and iPadOS 18, tvOS 18, macOS Sequoia 15. An attacker may be able to force a device to disconnect from a secure network. | ||||
| CVE-2024-40857 | 1 Apple | 7 Ipados, Iphone Os, Macos and 4 more | 2024-09-25 | 6.1 Medium |
| This issue was addressed through improved state management. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web content may lead to universal cross site scripting. | ||||
| CVE-2024-40860 | 1 Apple | 1 Macos | 2024-09-25 | 5.5 Medium |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file system. | ||||
| CVE-2024-40863 | 1 Apple | 2 Ipados, Iphone Os | 2024-09-25 | 5.5 Medium |
| This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to leak sensitive user information. | ||||
| CVE-2024-44125 | 1 Apple | 1 Macos | 2024-09-25 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. A malicious application may be able to leak sensitive user information. | ||||
| CVE-2024-44128 | 1 Apple | 1 Macos | 2024-09-25 | 5.5 Medium |
| This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An Automator Quick Action workflow may be able to bypass Gatekeeper. | ||||
| CVE-2024-44129 | 1 Apple | 1 Macos | 2024-09-25 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7, macOS Sequoia 15. An app may be able to leak sensitive user information. | ||||