Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-52643 |
In the Linux kernel, the following vulnerability has been resolved: iio: core: fix memleak in iio_device_register_sysfs When iio_device_register_sysfs_group() fails, we should free iio_dev_opaque->chan_attr_group.attrs to prevent potential memleak. Published: April 17, 2024; 6:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-52642 |
In the Linux kernel, the following vulnerability has been resolved: media: rc: bpf attach/detach requires write permission Note that bpf attach/detach also requires CAP_NET_ADMIN. Published: April 17, 2024; 6:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-44227 |
Missing Authorization vulnerability in Mitchell Bennis Simple File List.This issue affects Simple File List: from n/a through 6.1.9. Published: April 17, 2024; 6:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32546 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Adam Bowen Tax Rate Upload allows Reflected XSS.This issue affects Tax Rate Upload: from n/a through 2.4.5. Published: April 17, 2024; 5:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32545 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Canva Canva – Design beautiful blog graphics allows Reflected XSS.This issue affects Canva – Design beautiful blog graphics: from n/a through 1.2.4. Published: April 17, 2024; 5:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32544 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Netgsm allows Reflected XSS.This issue affects Netgsm: from n/a through 2.8. Published: April 17, 2024; 5:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32543 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Minoji MJ Update History allows Reflected XSS.This issue affects MJ Update History: from n/a through 1.0.4. Published: April 17, 2024; 5:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32542 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Organic Themes Bulk Block Converter allows Reflected XSS.This issue affects Bulk Block Converter: from n/a through 1.0.1. Published: April 17, 2024; 5:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32541 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tobias Battenberg WP-Cufon allows Stored XSS.This issue affects WP-Cufon: from n/a through 1.6.10. Published: April 17, 2024; 5:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32540 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Web357 Fixed HTML Toolbar allows Stored XSS.This issue affects Fixed HTML Toolbar: from n/a through 1.0.7. Published: April 17, 2024; 5:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32539 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomUnited WP File Download Light allows Stored XSS.This issue affects WP File Download Light: from n/a through 1.3.3. Published: April 17, 2024; 5:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32538 |
Cross-Site Request Forgery (CSRF) vulnerability in Joshua Eldridge Easy CountDowner allows Stored XSS.This issue affects Easy CountDowner: from n/a through 1.0.8. Published: April 17, 2024; 5:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32536 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Trade Pips WP TradingView allows Stored XSS.This issue affects WP TradingView: from n/a through 1.7. Published: April 17, 2024; 5:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32535 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jojaba Access Category Password allows Reflected XSS.This issue affects Access Category Password: from n/a through 1.5.1. Published: April 17, 2024; 5:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32534 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Stored XSS.This issue affects Form Maker by 10Web: from n/a through 1.15.23. Published: April 17, 2024; 5:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32533 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Shaw LH Add Media From Url allows Reflected XSS.This issue affects LH Add Media From Url: from n/a through 1.22. Published: April 17, 2024; 5:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-24856 |
The memory allocation function ACPI_ALLOCATE_ZEROED does not guarantee a successful allocation, but the subsequent code directly dereferences the pointer that receives it, which may lead to null pointer dereference. To fix this issue, a null pointer check should be added. If it is null, return exception code AE_NO_MEMORY. Published: April 17, 2024; 5:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-36505 |
Improper Input Validation vulnerability in Saturday Drive Ninja Forms Contact Form.This issue affects Ninja Forms Contact Form : from n/a through 3.6.24. Published: April 17, 2024; 5:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-25043 |
Incorrect Authorization vulnerability in Supsystic Data Tables Generator.This issue affects Data Tables Generator: from n/a through 1.10.25. Published: April 17, 2024; 5:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3847 |
Insufficient policy enforcement in WebUI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low) Published: April 17, 2024; 4:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |