Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-31384 |
Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Spa and Salon.This issue affects Spa and Salon: from n/a through 1.2.7. Published: April 15, 2024; 7:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31383 |
Cross-Site Request Forgery (CSRF) vulnerability in Pagelayer PopularFX.This issue affects PopularFX: from n/a through 1.2.4. Published: April 15, 2024; 7:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31382 |
Cross-Site Request Forgery (CSRF) vulnerability in Creative Themes HQ Blocksy.This issue affects Blocksy: from n/a through 2.0.22. Published: April 15, 2024; 7:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31381 |
Cross-Site Request Forgery (CSRF) vulnerability in RebelCode Spotlight Social Media Feeds.This issue affects Spotlight Social Media Feeds: from n/a through 1.6.10. Published: April 15, 2024; 7:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31379 |
Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Smash Balloon Social Post Feed.This issue affects Smash Balloon Social Post Feed: from n/a through 4.2.1. Published: April 15, 2024; 7:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31378 |
Cross-Site Request Forgery (CSRF) vulnerability in MailMunch MailChimp Forms by MailMunch.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.1. Published: April 15, 2024; 7:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31376 |
Cross-Site Request Forgery (CSRF) vulnerability in Andrew Rapps Dashboard To-Do List.This issue affects Dashboard To-Do List: from n/a through 1.3.1. Published: April 15, 2024; 7:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31374 |
Cross-Site Request Forgery (CSRF) vulnerability in AppPresser Team AppPresser.This issue affects AppPresser: from n/a through 4.3.0. Published: April 15, 2024; 7:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31373 |
Cross-Site Request Forgery (CSRF) vulnerability in E2Pdf.This issue affects e2pdf: from n/a through 1.20.27. Published: April 15, 2024; 7:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30546 |
Cross-Site Request Forgery (CSRF) vulnerability in Pixelite Login With Ajax.This issue affects Login With Ajax: from n/a through 4.1. Published: April 15, 2024; 7:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30220 |
Command injection vulnerability in MZK-MF300N all firmware versions allows a network-adjacent unauthenticated attacker to execute an arbitrary command by sending a specially crafted request to a certain port. Published: April 15, 2024; 7:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30219 |
Active debug code vulnerability exists in MZK-MF300N all firmware versions. If a logged-in user who knows how to use the debug function accesses the device's management page, an unintended operation may be performed. Published: April 15, 2024; 7:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29219 |
Out-of-bounds read vulnerability exists in KV STUDIO Ver.11.64 and earlier and KV REPLAY VIEWER Ver.2.64 and earlier, which may lead to information disclosure or arbitrary code execution by having a user of the affected product open a specially crafted file. Published: April 15, 2024; 7:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29218 |
Out-of-bounds write vulnerability exists in KV STUDIO Ver.11.64 and earlier and KV REPLAY VIEWER Ver.2.64 and earlier, which may lead to information disclosure or arbitrary code execution by having a user of the affected product open a specially crafted file. Published: April 15, 2024; 7:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-28957 |
Generation of predictable identifiers issue exists in Cente middleware TCP/IP Network Series. If this vulnerability is exploited, a remote unauthenticated attacker may interfere communications by predicting some packet header IDs of the device. Published: April 15, 2024; 7:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-28894 |
Out-of-bounds read vulnerability caused by improper checking of the option length values in IPv6 headers exists in Cente middleware TCP/IP Network Series, which may allow an unauthenticated attacker to stop the device operations by sending a specially crafted packet. Published: April 15, 2024; 7:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-28099 |
VT STUDIO Ver.8.32 and earlier contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application. Published: April 15, 2024; 7:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-26023 |
OS command injection vulnerability in BUFFALO wireless LAN routers allows a logged-in user to execute arbitrary OS commands. Published: April 15, 2024; 7:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-23911 |
Out-of-bounds read vulnerability caused by improper checking of the option length values in IPv6 NDP packets exists in Cente middleware TCP/IP Network Series, which may allow an unauthenticated attacker to stop the device operations by sending a specially crafted packet. Published: April 15, 2024; 7:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-23486 |
Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a network-adjacent unauthenticated attacker with access to the product's login page may obtain configured credentials. Published: April 15, 2024; 7:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |