Export limit exceeded: 337805 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (337805 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-44006 | 1 Onthegosystems | 1 Woocommerce Multilingual \& Multicurrency | 2024-11-08 | 4.3 Medium |
| Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency multilingual allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through 5.3.6. | ||||
| CVE-2024-10919 | 1 Didi | 2 Super-jacoco, Super Jacoco | 2024-11-08 | 6.3 Medium |
| A vulnerability has been found in didi Super-Jacoco 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /cov/triggerUnitCover. The manipulation of the argument uuid leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-44019 | 1 Renzojohnson | 2 Contact Form 7 Campaign Monitor Extension, Contact Form 7 Compaign Monitor Extension | 2024-11-08 | 5.3 Medium |
| Missing Authorization vulnerability in Renzo Johnson Contact Form 7 Campaign Monitor Extension allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Contact Form 7 Campaign Monitor Extension: from n/a through 0.4.67. | ||||
| CVE-2024-44020 | 1 Prasadkirpekar | 1 Wp Free Ssl | 2024-11-08 | 4.3 Medium |
| Missing Authorization vulnerability in Prasad Kirpekar WP Free SSL – Free SSL Certificate for WordPress and force HTTPS allows . This issue affects WP Free SSL – Free SSL Certificate for WordPress and force HTTPS: from n/a through 1.2.6. | ||||
| CVE-2024-9484 | 2 Avast, Avg | 2 Antivirus, Antivirus | 2024-11-08 | 5.1 Medium |
| An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing. | ||||
| CVE-2024-9483 | 2 Avast, Avg | 2 Antivirus, Antivirus | 2024-11-08 | 5.1 Medium |
| A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application during processing. | ||||
| CVE-2024-9482 | 2 Avast, Avg | 2 Antivirus, Antivirus | 2024-11-08 | 5.1 Medium |
| An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing. | ||||
| CVE-2024-9481 | 2 Avast, Avg | 2 Antivirus, Antivirus | 2024-11-08 | 5.1 Medium |
| An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing. | ||||
| CVE-2024-43980 | 1 Cozythemes | 1 Fotawp | 2024-11-08 | 6.5 Medium |
| Missing Authorization vulnerability in CozyThemes Fota WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fota WP: from n/a through 1.4.1. | ||||
| CVE-2024-43979 | 1 Cozythemes | 1 Blockbooster | 2024-11-08 | 6.5 Medium |
| Missing Authorization vulnerability in CozyThemes Blockbooster allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blockbooster: from n/a through 1.0.10. | ||||
| CVE-2024-43974 | 1 Cozythemes | 1 Revivenews | 2024-11-08 | 6.5 Medium |
| Missing Authorization vulnerability in CozyThemes ReviveNews allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ReviveNews: from n/a through 1.0.2. | ||||
| CVE-2024-43973 | 1 Ayecode | 1 Getpaid | 2024-11-08 | 4.3 Medium |
| Missing Authorization vulnerability in AyeCode Ltd GetPaid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetPaid: from n/a through 2.8.11. | ||||
| CVE-2024-43968 | 1 Newspack | 1 Newspack | 2024-11-08 | 4.3 Medium |
| Broken Access Control vulnerability in Automattic Newspack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack: from n/a through 3.8.6. | ||||
| CVE-2024-43962 | 1 Lws | 1 Affiliation | 2024-11-08 | 5.4 Medium |
| Missing Authorization vulnerability in LWS LWS Affiliation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LWS Affiliation: from n/a through 2.3.4. | ||||
| CVE-2024-43956 | 1 Caseproof | 1 Memberpress | 2024-11-08 | 6.5 Medium |
| Missing Authorization vulnerability in Caseproof, LLC Memberpress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Memberpress: from n/a through 1.11.34. | ||||
| CVE-2024-52043 | 1 Humhub | 1 Humhub | 2024-11-08 | 5.3 Medium |
| Generation of Error Message Containing Sensitive Information in HumHub GmbH & Co. KG - HumHub on Linux allows: Excavation (user enumeration).This issue affects all released HumHub versions: through 1.16.2. | ||||
| CVE-2024-50446 | 1 Futuriowp | 1 Futurio Extra | 2024-11-08 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FuturioWP Futurio Extra allows Stored XSS.This issue affects Futurio Extra: from n/a through 2.0.11. | ||||
| CVE-2024-50445 | 1 Merkulove | 1 Selection Lite | 2024-11-08 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Merkulove Selection Lite allows Stored XSS.This issue affects Selection Lite: from n/a through 1.13. | ||||
| CVE-2024-50441 | 1 Cozythemes | 1 Cozy Blocks | 2024-11-08 | 7.4 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS.This issue affects Cozy Blocks: from n/a through 2.0.15. | ||||
| CVE-2024-50440 | 1 Codepen | 1 Codepen | 2024-11-08 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Chris Coyier CodePen Embedded Pens Shortcode allows Stored XSS.This issue affects CodePen Embedded Pens Shortcode: from n/a through 1.0.2. | ||||