scip AG [Security - Consulting - Information - Process]

CVE-2023-52722 | Artifex Ghostscript up to 10.01.0 SAFER Mode psi/zmisc1.c Privilege Escalation

28.04.2024 03:57

A vulnerability, which was classified as problematic, has been found in Artifex Ghostscript up to 10.01.0. This issue affects some unknown processing of the file psi/zmisc1.c of the component SAFER Mo...

CVE-2024-33851 | paragonie phpecc up to 2.0.0 timing discrepancy

28.04.2024 03:56

A vulnerability classified as problematic was found in paragonie phpecc up to 2.0.0. This vulnerability affects unknown code. The manipulation leads to observable timing discrepancy. This vulnerabili...

CVE-2022-48685 | Logpoint up to 7.1.1 clean_secbi_old_logs Local Privilege Escalation

28.04.2024 03:56

A vulnerability classified as critical has been found in Logpoint up to 7.1.1. This affects an unknown part of the file clean_secbi_old_logs. The manipulation leads to Local Privilege Escalation. Thi...

CVE-2022-48684 | Logpoint up to 7.1.0 Template injection

28.04.2024 03:56

A vulnerability was found in Logpoint up to 7.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Template Handler. The manipulation leads to i...

CVE-2024-25048 | IBM MQ Appliance 9.3 heap-based overflow (XFDB-283137)

27.04.2024 15:40

A vulnerability was found in IBM MQ Appliance 9.3. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to heap-based buffer overflow. ...

CVE-2023-1000 | cyanomiko dcnnt-py up to 0.9.0 Notification notifications.py main command injection (ID 23)

27.04.2024 10:51

A vulnerability was found in cyanomiko dcnnt-py up to 0.9.0. It has been classified as critical. Affected is the function main of the file dcnnt/plugins/notifications.py of the component Notification ...

CVE-2024-32493 | Znuny up to 6.5.7/7.0.16 AJAX Request ID sql injection

27.04.2024 10:45

A vulnerability was found in Znuny up to 6.5.7/7.0.16 and classified as critical. This issue affects some unknown processing of the component AJAX Request Handler. The manipulation of the argument ID ...

CVE-2024-32492 | Znuny up to 7.0.16 Ticket Detail View cross site scripting

27.04.2024 10:44

A vulnerability has been found in Znuny up to 7.0.16 and classified as problematic. This vulnerability affects unknown code of the component Ticket Detail View. The manipulation leads to cross site sc...

CVE-2024-32491 | Znuny up to 7.0.16 DB.pm FormIDAddFile Filename unrestricted upload (ZSA-2024-01)

27.04.2024 10:43

A vulnerability, which was classified as critical, was found in Znuny up to 7.0.16. This affects the function FormIDAddFile of the file Kernel/System/Web/UploadCache/DB.pm. The manipulation of the arg...

CVE-2024-4294 | PHPGurukul Doctor Appointment Management System 1.0 view-appointment-detail.php editid resource injection

27.04.2024 08:44

A vulnerability, which was classified as critical, has been found in PHPGurukul Doctor Appointment Management System 1.0. Affected by this issue is some unknown functionality of the file /doctor/view-...

CVE-2024-4293 | PHPGurukul Doctor Appointment Management System 1.0 appointment-bwdates-reports-details.php fromdate/todate cross site scripting

27.04.2024 08:18

A vulnerability classified as problematic was found in PHPGurukul Doctor Appointment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file appointment-bwdates-r...

CVE-2024-4292 | Contemporary Controls BASrouter BACnet BASRT-B 2.7.2 Device-Communication-Control Service denial of service

27.04.2024 08:07

A vulnerability classified as critical has been found in Contemporary Controls BASrouter BACnet BASRT-B 2.7.2. Affected is an unknown function of the component Device-Communication-Control Service. Th...

CVE-2024-4291 | Tenda A301 15.13.08.12_multi_TDE01 /goform/setBlackRule formAddMacfilterRule deviceList stack-based overflow

27.04.2024 07:54

A vulnerability was found in Tenda A301 15.13.08.12_multi_TDE01. It has been rated as critical. This issue affects the function formAddMacfilterRule of the file /goform/setBlackRule. The manipulation ...

CVE-2024-3819 | Jeg Elementor Kit Plugin up to 2.6.4 on WordPress JKit Banner cross site scripting

27.04.2024 07:45

A vulnerability was found in Jeg Elementor Kit Plugin up to 2.6.4 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation of the argument JKit Bann...

CVE-2024-3588 | Getwid Plugin up to 2.0.7 on WordPress Countdown cross site scripting

27.04.2024 07:44

A vulnerability was found in Getwid Plugin up to 2.0.7 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation of the argument Countdown leads to cross site...

CVE-2024-3309 | Qi Addons for Elementor Plugin up to 1.7.0 on WordPress Countdown Widget cross site scripting

27.04.2024 07:44

A vulnerability was found in Qi Addons for Elementor Plugin up to 1.7.0 on WordPress and classified as problematic. Affected by this issue is some unknown functionality of the component Countdown Widg...

CVE-2024-3342 | MotoPress Timetable and Event Schedule Plugin up to 2.4.11 on WordPress sql injection

27.04.2024 07:44

A vulnerability has been found in MotoPress Timetable and Event Schedule Plugin up to 2.4.11 on WordPress and classified as critical. Affected by this vulnerability is an unknown functionality. The ma...

CVE-2024-3553 | Tutor LMS Plugin up to 2.6.2 on WordPress Options Update authorization

27.04.2024 07:44

A vulnerability, which was classified as problematic, was found in Tutor LMS Plugin up to 2.6.2 on WordPress. Affected is an unknown function of the component Options Update Handler. The manipulation ...

CVE-2024-1584 | Analytify Plugin up to 5.2.1 on WordPress Google Analytics Tracking ID authorization

27.04.2024 07:43

A vulnerability, which was classified as problematic, has been found in Analytify Plugin up to 5.2.1 on WordPress. This issue affects some unknown processing of the component Google Analytics Tracking...

CVE-2024-3107 | Spectra Plugin up to 2.12.6 on WordPress path traversal

27.04.2024 07:43

A vulnerability classified as critical was found in Spectra Plugin up to 2.12.6 on WordPress. This vulnerability affects unknown code. The manipulation leads to path traversal. This vulnerability was...

CVE-2024-32883 | mcu-tools MCUboot up to 1.11.0 integrity check (GHSA-m59c-q9gq-rh2j)

27.04.2024 07:31

A vulnerability classified as problematic has been found in mcu-tools MCUboot up to 1.11.0. This affects an unknown part. The manipulation leads to improper validation of integrity check value. This ...

CVE-2024-32887 | Sidekiq up to 7.2.3 substr cross site scripting (GHSA-q655-3pj8-9fxq)

27.04.2024 07:31

A vulnerability was found in Sidekiq up to 7.2.3. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument substr leads to cross site sc...

CVE-2024-31601 | Beijing Panabit Network Software Panalog Big Data Analysis Platform up to 20240323 exportpdf.php Privilege Escalation

27.04.2024 07:30

A vulnerability was found in Beijing Panabit Network Software Panalog Big Data Analysis Platform up to 20240323. It has been declared as problematic. Affected by this vulnerability is an unknown funct...

CVE-2024-31828 | Lavalite CMS 10.1.0 URL cross site scripting

27.04.2024 07:21

A vulnerability was found in Lavalite CMS 10.1.0. It has been classified as problematic. Affected is an unknown function of the component URL Handler. The manipulation leads to cross site scripting. ...

CVE-2024-31741 | MiniCMS 1.11 cross site scripting (Issue 49)

27.04.2024 07:21

A vulnerability was found in MiniCMS 1.11 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnera...

CVE-2024-3052 | Silabs Z-IP Gateway SDK prior 7.14.00 S2 Nonce Get Command Class unusual condition

27.04.2024 07:21

A vulnerability has been found in Silabs Z-IP Gateway SDK and classified as critical. This vulnerability affects unknown code of the component S2 Nonce Get Command Class Handler. The manipulation lead...

CVE-2024-30804 | Asus Fan_Xpert prior 10013 DeviceIoControl Privilege Escalation

27.04.2024 07:21

A vulnerability, which was classified as problematic, was found in Asus Fan_Xpert. This affects an unknown part of the component DeviceIoControl. The manipulation leads to Privilege Escalation. This ...

CVE-2024-3051 | silabs ZIP Gateway SDK up to 7.18.03 Device Reset unusual condition

27.04.2024 07:21

A vulnerability, which was classified as critical, has been found in silabs ZIP Gateway SDK up to 7.18.03. Affected by this issue is some unknown functionality of the component Device Reset Handler. T...

CVE-2024-31551 | CmsEasy 7.7.7.9 GET Request image.admin.php path traversal

27.04.2024 07:20

A vulnerability classified as critical was found in CmsEasy 7.7.7.9. Affected by this vulnerability is an unknown functionality in the library lib/admin/image.admin.php of the component GET Request Ha...

CVE-2024-2859 | Brocade SANnav 2.3.0 access control

27.04.2024 07:20

A vulnerability classified as critical has been found in Brocade SANnav 2.3.0. Affected is an unknown function. The manipulation leads to improper access controls. This vulnerability is traded as CVE...

CVE-2024-31502 | Insurance Management System up to 1.0.0 POST Request /admin/core/new_staff Privilege Escalation

26.04.2024 23:06

A vulnerability was found in Insurance Management System up to 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/core/new_staff of the component POST ...

CVE-2024-32881 | danswer-ai danswer up to 0.3.62 improper authorization

26.04.2024 23:06

A vulnerability was found in danswer-ai danswer up to 0.3.62. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to improper authorization. This vulnera...

CVE-2024-32878 | ggerganov llama.cpp gguf_init_from_file missing initialization (b2740)

26.04.2024 23:06

A vulnerability was found in ggerganov llama.cpp. It has been classified as problematic. This affects the function gguf_init_from_file. The manipulation leads to missing initialization of a variable. ...

CVE-2022-48611 | Apple iTunes up to 12.12.3 on Windows Local Privilege Escalation (ID 103001)

26.04.2024 22:53

A vulnerability was found in Apple iTunes up to 12.12.3 on Windows and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to Local Privilege Escala...

CVE-2024-25343 | Tenda N300 F3 Security Policy weak password

26.04.2024 22:51

A vulnerability has been found in Tenda N300 F3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Security Policy Handler. The manipulation lea...

CVE-2024-28326 | Asus RT-N12+ B1 UART Interface access control

26.04.2024 21:46

A vulnerability, which was classified as critical, was found in Asus RT-N12+ B1. Affected is an unknown function of the component UART Interface. The manipulation leads to improper access controls. T...

CVE-2024-28327 | Asus RT-N12+ B1 Setting cleartext storage

26.04.2024 21:46

A vulnerability, which was classified as problematic, has been found in Asus RT-N12+ B1. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to cleartex...

CVE-2023-26603 | JumpCloud Agent up to 1.177.x temp file

26.04.2024 21:45

A vulnerability classified as critical was found in JumpCloud Agent up to 1.177.x. This vulnerability affects unknown code. The manipulation leads to insecure temporary file. This vulnerability was n...

CVE-2023-50739 | Lexmark CX331adwe IPP Server heap-based overflow

26.04.2024 21:19

A vulnerability classified as critical has been found in Lexmark CX331adwe. This affects an unknown part of the component IPP Server. The manipulation leads to heap-based buffer overflow. This vulner...

CVE-2024-32884 | Byron gitoxide up to 0.34.x/0.41.x/0.61.x Username command injection (GHSA-98p4-xjmm-8mfh)

26.04.2024 21:19

A vulnerability was found in Byron gitoxide up to 0.34.x/0.41.x/0.61.x. It has been rated as critical. Affected by this issue is some unknown functionality of the component Username Handler. The manip...

CVE-2024-28325 | Asus RT-N12+ B1 cleartext storage

26.04.2024 21:18

A vulnerability was found in Asus RT-N12+ B1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cleartext storage of sensitive ...

CVE-2024-33344 | D-Link DIR-822+ 1.0.5 upload_firmware.cgi ftext command injection

26.04.2024 20:05

A vulnerability was found in D-Link DIR-822+ 1.0.5. It has been classified as critical. Affected is the function ftext of the file upload_firmware.cgi. The manipulation leads to command injection. Th...

CVE-2024-33343 | D-Link DIR-822+ 1.0.5 prog.cgi ChgSambaUserSettings command injection

26.04.2024 20:05

A vulnerability was found in D-Link DIR-822+ 1.0.5 and classified as critical. This issue affects the function ChgSambaUserSettings of the file prog.cgi. The manipulation leads to command injection. ...

CVE-2024-33342 | D-Link DIR-822+ 1.0.5 prog.cgi SetPlcNetworkpwd command injection

26.04.2024 20:05

A vulnerability has been found in D-Link DIR-822+ 1.0.5 and classified as critical. This vulnerability affects the function SetPlcNetworkpwd of the file prog.cgi. The manipulation leads to command inj...

CVE-2024-3870 | Contact Form 7 Database Addon Plugin up to 1.2.6.8 on WordPress information disclosure

26.04.2024 19:04

A vulnerability, which was classified as problematic, was found in Contact Form 7 Database Addon Plugin up to 1.2.6.8 on WordPress. This affects an unknown part. The manipulation leads to information ...

CVE-2024-1572 | WP ULike Plugin up to 4.6.9 on WordPress Shortcode cross site scripting

26.04.2024 19:03

A vulnerability, which was classified as problematic, has been found in WP ULike Plugin up to 4.6.9 on WordPress. Affected by this issue is some unknown functionality of the component Shortcode Handle...

CVE-2024-1716 | Admin Bar Remover Plugin up to 1.0.2.2 on WordPress Setting authorization

26.04.2024 19:03

A vulnerability classified as problematic was found in Admin Bar Remover Plugin up to 1.0.2.2 on WordPress. Affected by this vulnerability is an unknown functionality of the component Setting Handler....

CVE-2024-2258 | 10Web Form Maker Plugin up to 1.15.24 on WordPress cross site scripting

26.04.2024 19:03

A vulnerability classified as problematic has been found in 10Web Form Maker Plugin up to 1.15.24 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting. This v...

CVE-2024-1759 | WP ULike Plugin up to 4.6.9 on WordPress cross site scripting

26.04.2024 19:03

A vulnerability was found in WP ULike Plugin up to 4.6.9 on WordPress. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. Th...

CVE-2024-2838 | WPC Composite Products for WooCommerce Plugin up to 7.2.7 on WordPress cross site scripting

26.04.2024 19:03

A vulnerability was found in WPC Composite Products for WooCommerce Plugin up to 7.2.7 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation lead...

CVE-2024-3034 | BackUpWordPress Plugin up to 3.13 on WordPress path traversal

26.04.2024 19:03

A vulnerability was found in BackUpWordPress Plugin up to 3.13 on WordPress. It has been classified as critical. This affects an unknown part. The manipulation leads to path traversal. This vulnerabi...

CVE-2024-1797 | WP ULike Plugin up to 4.6.9 on WordPress Shortcode sql injection

26.04.2024 19:02

A vulnerability was found in WP ULike Plugin up to 4.6.9 on WordPress and classified as critical. Affected by this issue is some unknown functionality of the component Shortcode Handler. The manipulat...

CVE-2024-33263 | QuickJS 3b45d15 quickjs.c JS_FreeRuntime assertion (Issue 277)

26.04.2024 19:01

A vulnerability has been found in QuickJS 3b45d15 and classified as critical. Affected by this vulnerability is the function JS_FreeRuntime of the file quickjs.c. The manipulation leads to reachable a...

CVE-2024-33255 | JerryScript cefd391 ecma_free_string_list assertion (Issue 5135)

26.04.2024 19:01

A vulnerability, which was classified as critical, was found in JerryScript cefd391. Affected is the function ecma_free_string_list. The manipulation leads to reachable assertion. This vulnerability ...

CVE-2024-33259 | JerryScript js-scanner-util.c scanner_seek memory corruption (Issue 5132)

26.04.2024 19:01

A vulnerability, which was classified as critical, has been found in JerryScript. This issue affects the function scanner_seek of the file jerry-core/parser/js/js-scanner-util.c. The manipulation lead...

CVE-2024-33260 | JerryScript cefd391 js-parser-expr.c parser_parse_class memory corruption (Issue 5133)

26.04.2024 19:01

A vulnerability classified as critical was found in JerryScript cefd391. This vulnerability affects the function parser_parse_class of the file jerry-core/parser/js/js-parser-expr.c. The manipulation ...

CVE-2024-33258 | JerryScript ff9ff8f jerry-core/vm/vm.c vm_loop memory corruption (Issue 5114)

26.04.2024 19:01

A vulnerability classified as critical has been found in JerryScript ff9ff8f. This affects the function vm_loop of the file jerry-core/vm/vm.c. The manipulation leads to memory corruption. This vulne...

CVE-2023-51794 | FFmpeg N113007-g8d24a28d06 af_stereowiden.c buffer overflow (ID 10746)

26.04.2024 19:01

A vulnerability was found in FFmpeg N113007-g8d24a28d06. It has been rated as critical. Affected by this issue is some unknown functionality of the file libavfilter/af_stereowiden.c. The manipulation ...

CVE-2024-27790 | Claris FileMaker Server up to 20.3.1 Client Request improper authorization

26.04.2024 18:59

A vulnerability was found in Claris FileMaker Server up to 20.3.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Client Request Handler....

CVE-2023-42955 | Claris FileMaker Server up to 20.3.0 Admin Console information disclosure

26.04.2024 18:59

A vulnerability was found in Claris FileMaker Server up to 20.3.0. It has been classified as problematic. Affected is an unknown function of the component Admin Console. The manipulation leads to info...

CVE-2024-32764 | QNAP myQNAPcloud Link up to 2.4.50 missing authentication (qsa-24-09)

26.04.2024 18:59

A vulnerability was found in QNAP myQNAPcloud Link up to 2.4.50 and classified as critical. This issue affects some unknown processing. The manipulation leads to missing authentication. The identific...

CVE-2023-47222 | QNAP Media Streaming Add-On prior 500.1.1.5 information disclosure (qsa-24-15)

26.04.2024 18:58

A vulnerability has been found in QNAP Media Streaming Add-On and classified as problematic. This vulnerability affects unknown code. The manipulation leads to information disclosure. This vulnerabil...

CVE-2024-28328 | Asus RT-N12+ client name csv injection

26.04.2024 18:58

A vulnerability, which was classified as critical, was found in Asus RT-N12+. This affects an unknown part. The manipulation of the argument client name leads to csv injection. This vulnerability is ...

CVE-2024-32476 | argoproj argo-cd prior 2.8.16/2.9.12/2.10.7 ignoreDifferences resource consumption (GHSA-9m6p-x4h2-6frq)

26.04.2024 18:58

A vulnerability, which was classified as critical, has been found in argoproj argo-cd. Affected by this issue is the function ignoreDifferences. The manipulation leads to resource consumption. This v...

CVE-2024-32730 | SAP Enable Now authorization

26.04.2024 18:57

A vulnerability classified as problematic was found in SAP Enable Now. Affected by this vulnerability is an unknown functionality. The manipulation leads to missing authorization. This vulnerability ...

CVE-2023-41291 | QNAP QuFirewall up to 2.4.0 path traversal (qsa-24-17)

26.04.2024 18:57

A vulnerability classified as problematic has been found in QNAP QuFirewall up to 2.4.0. Affected is an unknown function. The manipulation leads to path traversal. This vulnerability is traded as CVE...

CVE-2023-41290 | QNAP Systems QuFirewall up to 2.4.0 path traversal (qsa-24-17)

26.04.2024 18:56

A vulnerability was found in QNAP Systems QuFirewall up to 2.4.0. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to path traversal. The identific...

CVE-2024-32766 | QNAP QTS/QuTS hero/QuTScloud command injection (qsa-24-09)

26.04.2024 18:56

A vulnerability was found in QNAP QTS, QuTS hero and QuTScloud. It has been declared as very critical. This vulnerability affects unknown code. The manipulation leads to command injection. This vulne...

CVE-2024-27124 | QNAP QTS/QuTS hero/QuTScloud os command injection (qsa-24-09)

26.04.2024 18:56

A vulnerability was found in QNAP QTS, QuTS hero and QuTScloud. It has been classified as very critical. This affects an unknown part. The manipulation leads to os command injection. This vulnerabili...

CVE-2024-21905 | QNAP QTS/QuTS hero/QuTScloud integer overflow (qsa-24-16)

26.04.2024 18:55

A vulnerability was found in QNAP QTS, QuTS hero and QuTScloud and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to integer overflow. This vulne...

CVE-2023-51365 | QNAP QTS/QuTS hero/QuTScloud path traversal (qsa-24-14)

26.04.2024 18:55

A vulnerability has been found in QNAP QTS, QuTS hero and QuTScloud and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to path traversal. T...

CVE-2023-51364 | QNAP QTS/QuTS hero/QuTScloud path traversal (qsa-24-14)

26.04.2024 18:55

A vulnerability, which was classified as critical, was found in QNAP QTS, QuTS hero and QuTScloud. Affected is an unknown function. The manipulation leads to path traversal. This vulnerability is tra...

CVE-2023-50364 | QNAP QTS/QuTS hero buffer overflow (qsa-24-20)

26.04.2024 18:55

A vulnerability, which was classified as critical, has been found in QNAP QTS and QuTS hero. This issue affects some unknown processing. The manipulation leads to buffer overflow. The identification ...

CVE-2023-50363 | QNAP QTS/QuTS hero authorization (qsa-24-20)

26.04.2024 18:54

A vulnerability classified as critical was found in QNAP QTS and QuTS hero. This vulnerability affects unknown code. The manipulation leads to incorrect authorization. This vulnerability was named CV...

CVE-2023-50362 | QNAP QTS/QuTS hero buffer overflow (qsa-24-20)

26.04.2024 18:54

A vulnerability classified as critical has been found in QNAP QTS and QuTS hero. This affects an unknown part. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as ...

CVE-2023-50361 | QNAP QTS/QuTS hero buffer overflow (qsa-24-20)

26.04.2024 18:54

A vulnerability was found in QNAP QTS and QuTS hero. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to buffer overflow. This vulnerability...

CVE-2022-40975 | Aazztech Post Slider Plugin up to 1.6.7 on WordPress authorization

26.04.2024 16:25

A vulnerability was found in Aazztech Post Slider Plugin up to 1.6.7 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation lea...

CVE-2024-33694 | Meks ThemeForest Smart Widget Plugin up to 1.5 on WordPress cross site scripting

26.04.2024 15:12

A vulnerability was found in Meks ThemeForest Smart Widget Plugin up to 1.5 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site s...

CVE-2024-33693 | Meks Smart Social Widget Plugin up to 1.6.4 on WordPress cross site scripting

26.04.2024 15:12

A vulnerability was found in Meks Smart Social Widget Plugin up to 1.6.4 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site sc...

CVE-2024-33691 | OptinMonster Popup Builder Team OptinMonster Plugin up to 2.15.3 on WordPress cross-site request forgery

26.04.2024 15:12

A vulnerability has been found in OptinMonster Popup Builder Team OptinMonster Plugin up to 2.15.3 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation...

CVE-2024-33695 | ThemeNcode Fan Page Widget by Plugin up to 2.0 on WordPress cross site scripting

26.04.2024 15:12

A vulnerability, which was classified as problematic, was found in ThemeNcode Fan Page Widget by Plugin up to 2.0 on WordPress. This affects an unknown part. The manipulation leads to cross site scrip...

CVE-2024-33690 | Jegstudio Financio Plugin up to 1.1.3 on WordPress cross-site request forgery

26.04.2024 15:12

A vulnerability, which was classified as problematic, has been found in Jegstudio Financio Plugin up to 1.1.3 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads...

CVE-2024-33688 | Extend Themes Teluro Plugin up to 1.0.31 on WordPress cross-site request forgery

26.04.2024 15:12

A vulnerability classified as problematic was found in Extend Themes Teluro Plugin up to 1.0.31 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to cros...

CVE-2024-33689 | Tony Zeoli & Tony Hayes Radio Station Plugin up to 2.5.7 on WordPress cross-site request forgery

26.04.2024 15:12

A vulnerability classified as problematic has been found in Tony Zeoli & Tony Hayes Radio Station Plugin up to 2.5.7 on WordPress. Affected is an unknown function. The manipulation leads to cross-site...

CVE-2024-33692 | Satrya Smart Recent Posts Widget Plugin up to 1.0.3 on WordPress cross site scripting

26.04.2024 15:11

A vulnerability was found in Satrya Smart Recent Posts Widget Plugin up to 1.0.3 on WordPress. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to c...

CVE-2024-4234 | Sayful Islam Filterable Portfolio Plugin up to 1.6.4 on WordPress cross site scripting

26.04.2024 15:11

A vulnerability was found in Sayful Islam Filterable Portfolio Plugin up to 1.6.4 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to ...

CVE-2024-4257 | BlueNet Technology Clinical Browsing System 1.2.1 /xds/deleteStudy.php documentUniqueId sql injection

26.04.2024 15:08

A vulnerability was found in BlueNet Technology Clinical Browsing System 1.2.1. It has been classified as critical. This affects an unknown part of the file /xds/deleteStudy.php. The manipulation of t...

CVE-2024-4256 | Techkshetra Info Solutions Savsoft Quiz 6.0 Category Page editCategory category_name cross site scripting

26.04.2024 15:03

A vulnerability was found in Techkshetra Info Solutions Savsoft Quiz 6.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /public/index.php/Qbank/editCat...

CVE-2024-33697 | Rimes Gold CF7 File Download Plugin up to 2.0 on WordPress cross site scripting

26.04.2024 15:00

A vulnerability has been found in Rimes Gold CF7 File Download Plugin up to 2.0 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation...

CVE-2024-33696 | Broadstreet Xpress Ad Widget Plugin up to 2.20.0 on WordPress cross site scripting

26.04.2024 15:00

A vulnerability, which was classified as problematic, was found in Broadstreet Xpress Ad Widget Plugin up to 2.20.0 on WordPress. Affected is an unknown function. The manipulation leads to cross site ...

CVE-2024-4255 | Ruijie RG-UAC up to 20240419 gre_edit_commit.php name os command injection

26.04.2024 14:59

A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240419. This issue affects some unknown processing of the file /view/network Config/GRE/gre_edit_commit.php. ...

CVE-2023-52646 | Linux Kernel up to 6.1.12 aio null pointer dereference

26.04.2024 14:47

A vulnerability classified as critical was found in Linux Kernel up to 6.1.12. This vulnerability affects unknown code of the component aio. The manipulation leads to null pointer dereference. This v...

CVE-2024-4252 | Tenda i22 1.0.0.3(4687) formSetUrlFilterRule groupIndex stack-based overflow

26.04.2024 14:46

A vulnerability classified as critical has been found in Tenda i22 1.0.0.3(4687). This affects the function formSetUrlFilterRule. The manipulation of the argument groupIndex leads to stack-based buffe...

CVE-2024-4251 | Tenda i21 1.0.0.14(4656) /goform/DhcpSetSe fromDhcpSetSer stack-based overflow

26.04.2024 14:46

A vulnerability was found in Tenda i21 1.0.0.14(4656). It has been rated as critical. Affected by this issue is the function fromDhcpSetSer of the file /goform/DhcpSetSe. The manipulation of the argum...

CVE-2024-4250 | Tenda i21 1.0.0.14(4656) /goform/wifiSSIDset formwrlSSIDset ssidIndex stack-based overflow

26.04.2024 14:46

A vulnerability was found in Tenda i21 1.0.0.14(4656). It has been declared as critical. Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset. The manipulation...

CVE-2024-4249 | Tenda i21 1.0.0.14(4656) /goform/wifiSSIDget formwrlSSIDget ssidIndex stack-based overflow

26.04.2024 14:46

A vulnerability was found in Tenda i21 1.0.0.14(4656). It has been classified as critical. Affected is the function formwrlSSIDget of the file /goform/wifiSSIDget. The manipulation of the argument ssi...

CVE-2024-4248 | Tenda i21 1.0.0.14(4656) formQosManage_user ssidIndex stack-based overflow

26.04.2024 14:46

A vulnerability was found in Tenda i21 1.0.0.14(4656) and classified as critical. This issue affects the function formQosManage_user. The manipulation of the argument ssidIndex leads to stack-based bu...

CVE-2024-4247 | Tenda i21 1.0.0.14(4656) formQosManage_auto ssidIndex stack-based overflow

26.04.2024 14:46

A vulnerability has been found in Tenda i21 1.0.0.14(4656) and classified as critical. This vulnerability affects the function formQosManage_auto. The manipulation of the argument ssidIndex leads to s...

CVE-2024-4246 | Tenda i21 1.0.0.14(4656) formQosManageDouble_auto ssidIndex stack-based overflow

26.04.2024 14:46

A vulnerability, which was classified as critical, was found in Tenda i21 1.0.0.14(4656). This affects the function formQosManageDouble_auto. The manipulation of the argument ssidIndex leads to stack-...

CVE-2024-4245 | Tenda i21 1.0.0.14(4656) formQosManageDouble_user ssidIndex stack-based overflow

26.04.2024 14:46

A vulnerability, which was classified as critical, has been found in Tenda i21 1.0.0.14(4656). Affected by this issue is the function formQosManageDouble_user. The manipulation of the argument ssidInd...