Export limit exceeded: 336573 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (336573 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-48028 | 1 Boyan Raichev | 1 Ip Loc8 | 2024-10-16 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Boyan Raichev IP Loc8 allows Object Injection.This issue affects IP Loc8: from n/a through 1.1. | ||||
| CVE-2023-32191 | 1 Suse | 1 Rke | 2024-10-16 | 9.9 Critical |
| When RKE provisions a cluster, it stores the cluster state in a configmap called `full-cluster-state` inside the `kube-system` namespace of the cluster itself. The information available in there allows non-admin users to escalate to admin. | ||||
| CVE-2023-32193 | 1 Rancher | 1 Norman | 2024-10-16 | 8.3 High |
| A vulnerability has been identified in which unauthenticated cross-site scripting (XSS) in Norman's public API endpoint can be exploited. This can lead to an attacker exploiting the vulnerability to trigger JavaScript code and execute commands remotely. | ||||
| CVE-2024-49251 | 1 Maantheme | 1 Maan Addons For Elementor | 2024-10-16 | 7.5 High |
| : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Maantheme Maan Addons For Elementor allows Local Code Inclusion.This issue affects Maan Addons For Elementor: from n/a through 1.0.1. | ||||
| CVE-2024-49257 | 1 Denis | 1 Azz Anonim Posting | 2024-10-16 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Denis Azz Anonim Posting allows Upload a Web Shell to a Web Server.This issue affects Azz Anonim Posting: from n/a through 0.9. | ||||
| CVE-2024-47645 | 1 Sajidjaved | 1 Top Bar-popups-by Wpoptin | 2024-10-16 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Sajid Javed Top Bar – PopUps – by WPOptin allows PHP Local File Inclusion.This issue affects Top Bar – PopUps – by WPOptin: from n/a through 2.0.1. | ||||
| CVE-2024-22030 | 1 Suse | 1 Rancher | 2024-10-16 | 8 High |
| A vulnerability has been identified within Rancher that can be exploited in narrow circumstances through a man-in-the-middle (MITM) attack. An attacker would need to have control of an expired domain or execute a DNS spoofing/hijacking attack against the domain to exploit this vulnerability. The targeted domain is the one used as the Rancher URL. | ||||
| CVE-2024-49260 | 1 Limb | 1 Limb Image Gallery | 2024-10-16 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Limb WordPress Gallery Plugin – Limb Image Gallery allows Code Injection.This issue affects WordPress Gallery Plugin – Limb Image Gallery: from n/a through 1.5.7. | ||||
| CVE-2024-49258 | 2024-10-16 | 6.5 Medium | ||
| Path Traversal: '.../...//' vulnerability in Limb WordPress Gallery Plugin – Limb Image Gallery.This issue affects WordPress Gallery Plugin – Limb Image Gallery: from n/a through 1.5.7. | ||||
| CVE-2024-49254 | 1 Sunjianle | 1 Ajax Extend | 2024-10-16 | 10 Critical |
| Improper Control of Generation of Code ('Code Injection') vulnerability in Sunjianle allows Code Injection.This issue affects ajax-extend: from n/a through 1.0. | ||||
| CVE-2024-49242 | 1 Shafiq | 1 Digital Library | 2024-10-16 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Shafiq Digital Lottery allows Upload a Web Shell to a Web Server.This issue affects Digital Lottery: from n/a through 3.0.5. | ||||
| CVE-2024-49227 | 1 Innovawebspzoo | 1 Free Stock Photos Foter | 2024-10-16 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in Innovaweb Sp. Z o.O. Free Stock Photos Foter allows Object Injection.This issue affects Free Stock Photos Foter: from n/a through 1.5.4. | ||||
| CVE-2024-49218 | 1 Recently Project | 1 Recently | 2024-10-16 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Al Imran Akash Recently allows Object Injection.This issue affects Recently: from n/a through 1.1. | ||||
| CVE-2024-49216 | 1 Joshua Clayton | 1 Feed Comments Number | 2024-10-16 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Joshua Clayton Feed Comments Number allows Upload a Web Shell to a Web Server.This issue affects Feed Comments Number: from n/a through 0.2.1. | ||||
| CVE-2024-48042 | 1 Supsystic | 1 Contact Form | 2024-10-16 | 9.1 Critical |
| Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic Contact Form by Supsystic allows Command Injection.This issue affects Contact Form by Supsystic: from n/a through 1.7.28. | ||||
| CVE-2024-48034 | 1 Fliperr Team | 1 Creates 3d Flipbook Pdf Flipbook | 2024-10-16 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Fliperrr Team Creates 3D Flipbook, PDF Flipbook allows Upload a Web Shell to a Web Server.This issue affects Creates 3D Flipbook, PDF Flipbook: from n/a through 1.2. | ||||
| CVE-2024-48026 | 1 Grayson Robbins | 1 Disc Golf Manager | 2024-10-16 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Grayson Robbins Disc Golf Manager allows Object Injection.This issue affects Disc Golf Manager: from n/a through 1.0.0. | ||||
| CVE-2024-47649 | 1 Thatplugin | 1 Iconize | 2024-10-16 | 9.1 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in THATplugin Iconize.This issue affects Iconize: from n/a through 1.2.4. | ||||
| CVE-2024-47351 | 1 Thecssigniterteam | 1 Maxslider | 2024-10-16 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The CSSIgniter Team MaxSlider allows Path Traversal.This issue affects MaxSlider: from n/a through 1.2.3. | ||||
| CVE-2024-8040 | 2024-10-16 | 7.7 High | ||
| An authorization bypass through user-controlled key vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2024x allows an authenticated attacker to access some unauthorized data. | ||||