Total: 3292 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-51519 | 1 Soliloquywp | 1 Slider | 2024-08-07 | 4.3 Medium |
Missing Authorization vulnerability in Soliloquy Team Slider by Soliloquy. This issue affects Slider by Soliloquy: from n/a through 2.7.2. | ||||
CVE-2023-51682 | 1 Ibericode | 1 Mailchimp | 2024-08-07 | 5.3 Medium |
Missing Authorization vulnerability in ibericode MC4WP. This issue affects MC4WP: from n/a through 4.9.9. | ||||
CVE-2023-52233 | 1 Wpexperts | 1 Post Smtp Mailer | 2024-08-07 | 8.6 High |
Missing Authorization vulnerability in Post SMTP Post SMTP Mailer/Email Log. This issue affects Post SMTP Mailer/Email Log: from n/a through 2.8.6. | ||||
CVE-2024-23521 | 1 Happyforms | 1 Happyforms | 2024-08-07 | 5.3 Medium |
Missing Authorization vulnerability in Happyforms. This issue affects Happyforms: from n/a through 1.25.10. | ||||
CVE-2024-34753 | 1 Softlabbd | 1 Radio Player | 2024-08-07 | 5.3 Medium |
Missing Authorization vulnerability in SoftLab Radio Player. This issue affects Radio Player: from n/a through 2.0.73. | ||||
CVE-2023-49980 | | | 2024-08-07 | 7.5 High |
A directory listing vulnerability in Best Student Result Management System v1.0 allows attackers to list directories and sensitive files within the application without requiring authorization. | ||||
CVE-2024-34821 | 1 Contactlistpro | 1 Contact List | 2024-08-07 | 5.3 Medium |
Missing Authorization vulnerability in Contact List PRO Contact List – Easy Business Directory, Staff Directory and Address Book Plugin. This issue affects Contact List – Easy Business Directory, Staff Directory and Address Book Plugin: from n/a through 2.9.87. | ||||
CVE-2024-23503 | 1 Wpmanageninja | 1 Ninja Tables | 2024-08-07 | 4.3 Medium |
Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables. This issue affects Ninja Tables: from n/a through 5.0.6. | ||||
CVE-2024-34822 | 1 Wedevs | 1 Wemail | 2024-08-07 | 5.3 Medium |
Missing Authorization vulnerability in weDevs weMail. This issue affects weMail: from n/a through 1.14.2. | ||||
CVE-2009-3781 | 1 Quicksketch | 1 Filefield | 2024-08-07 | N/A |
The filefield_file_download function in FileField 6.x-3.1, a module for Drupal, does not properly check node-access permissions for Drupal core private files, which allows remote attackers to access unauthorized files via unspecified vectors. | ||||
CVE-2009-3168 | 1 Mevin | 1 Basic Php Events Lister | 2024-08-07 | N/A |
Mevin Productions Basic PHP Events Lister 2.0 does not properly restrict access to (1) admin/reset.php and (2) admin/user_add.php, which allows remote authenticated users to reset administrative passwords or add administrators via a direct request. | ||||
CVE-2009-1185 | 8 Canonical, Debian, Fedoraproject and 5 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2024-08-07 | N/A |
udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. | ||||
CVE-2012-6614 | 1 Dlink | 2 Dsr-250n, Dsr-250n Firmware | 2024-08-06 | 7.2 High |
D-Link DSR-250N devices before 1.08B31 allow remote authenticated users to obtain "persistent root access" via the BusyBox CLI, as demonstrated by overwriting the super user password. | ||||
CVE-2012-4245 | 1 Gimp | 1 Gimp | 2024-08-06 | N/A |
The scriptfu network server in GIMP 2.6 does not require authentication, which allows remote attackers to execute arbitrary commands via the python-fu-eval command. | ||||
CVE-2012-0055 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-08-06 | 7.8 High |
OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions. | ||||
CVE-2024-24799 | | | 2024-08-06 | 6.5 Medium |
Missing Authorization vulnerability in WooCommerce WooCommerce Box Office. This issue affects WooCommerce Box Office: from n/a through 1.2.2. | ||||
CVE-2013-6496 | 1 Redhat | 2 Conga, Rhel Cluster | 2024-08-06 | N/A |
Red Hat Conga 0.12.2 allows remote attackers to obtain sensitive information via a crafted request to the (1) homebase, (2) cluster, (3) storage, (4) portal_skins/custom, or (5) logs Luci extension. | ||||
CVE-2013-4480 | 2 Redhat, Suse | 5 Network Satellite, Satellite, Satellite With Embedded Oracle and 2 more | 2024-08-06 | N/A |
Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts. | ||||
CVE-2013-4226 | 1 Drupal | 1 Authenticated User Page Caching | 2024-08-06 | 6.5 Medium |
The Authenticated User Page Caching (Authcache) module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to cached pages, which allows remote attackers with the same role-combination as the superuser to obtain sensitive information via the cached pages of the superuser. | ||||
CVE-2013-4182 | 2 Redhat, Theforeman | 4 Openstack, Satellite, Satellite Capsule and 1 more | 2024-08-06 | N/A |
app/controllers/api/v1/hosts_controller.rb in Foreman before 1.2.2 does not properly restrict access to hosts, which allows remote attackers to access arbitrary hosts via an API request. |