U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
There are 229,155 matching records.
Displaying matches 401 through 420.
Vuln ID Summary CVSS Severity
CVE-2024-25420

An issue in Ignite Realtime Openfire v.4.9.0 and before allows a remote attacker to escalate privileges via the admin.authorizedJIDs system property component.

Published: March 26, 2024; 5:15:52 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-51148

An issue in TRENDnet Trendnet AC1200 Dual Band PoE Indoor Wireless Access Point TEW-821DAP v.3.00b06 allows an attacker to execute arbitrary code via the 'mycli' command-line interface component.

Published: March 26, 2024; 5:15:52 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-48777

Unrestricted Upload of File with Dangerous Type vulnerability in Elementor.Com Elementor Website Builder.This issue affects Elementor Website Builder: from 3.3.0 through 3.18.1.

Published: March 26, 2024; 5:15:52 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-48275

Unrestricted Upload of File with Dangerous Type vulnerability in Trustindex.Io Widgets for Google Reviews.This issue affects Widgets for Google Reviews: from n/a through 11.0.2.

Published: March 26, 2024; 5:15:52 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-47873

Unrestricted Upload of File with Dangerous Type vulnerability in WEN Solutions WP Child Theme Generator.This issue affects WP Child Theme Generator: from n/a through 1.0.9.

Published: March 26, 2024; 5:15:51 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-47846

Unrestricted Upload of File with Dangerous Type vulnerability in Terry Lin WP Githuber MD.This issue affects WP Githuber MD: from n/a through 1.16.2.

Published: March 26, 2024; 5:15:51 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-47842

Unrestricted Upload of File with Dangerous Type vulnerability in Zachary Segal CataBlog.This issue affects CataBlog: from n/a through 1.7.0.

Published: March 26, 2024; 5:15:51 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-39307

Unrestricted Upload of File with Dangerous Type vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.1.

Published: March 26, 2024; 5:15:51 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-38388

Unrestricted Upload of File with Dangerous Type vulnerability in Artbees JupiterX Core.This issue affects JupiterX Core: from n/a through 3.3.5.

Published: March 26, 2024; 5:15:51 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-29386

Unrestricted Upload of File with Dangerous Type vulnerability in Julien Crego Manager for Icomoon.This issue affects Manager for Icomoon: from n/a through 2.0.

Published: March 26, 2024; 5:15:50 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-28787

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1.4.

Published: March 26, 2024; 5:15:50 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-28687

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in perfectwpthemes Glaze Blog Lite, themebeez Fascinate, themebeez Cream Blog, themebeez Cream Magazine allows Reflected XSS.This issue affects Glaze Blog Lite: from n/a through <= 1.1.4; Fascinate: from n/a through 1.0.8; Cream Blog: from n/a through 2.1.3; Cream Magazine: from n/a through 2.1.4.

Published: March 26, 2024; 5:15:50 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-2955

T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 allows denial of service via packet injection or crafted capture file

Published: March 26, 2024; 4:15:11 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-2902

A vulnerability was found in Tenda AC7 15.03.06.44 and classified as critical. This issue affects the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. The manipulation of the argument shareSpeed leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257945 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Published: March 26, 2024; 4:15:11 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-2901

A vulnerability has been found in Tenda AC7 15.03.06.44 and classified as critical. This vulnerability affects the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedEndTime leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257944. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Published: March 26, 2024; 4:15:10 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-2900

A vulnerability, which was classified as critical, was found in Tenda AC7 15.03.06.44. This affects the function saveParentControlInfo of the file /goform/saveParentControlInfo. The manipulation of the argument deviceId/time/urls leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257943. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Published: March 26, 2024; 4:15:10 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-28442

Directory Traversal vulnerability in Yealink VP59 v.91.15.0.118 allows a physically proximate attacker to obtain sensitive information via terms of use function in the company portal component.

Published: March 26, 2024; 4:15:09 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-6091

Unrestricted Upload of File with Dangerous Type vulnerability in mndpsingh287 Theme Editor.This issue affects Theme Editor: from n/a through 2.7.1.

Published: March 26, 2024; 4:15:09 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-27630

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PeepSo Community by PeepSo.This issue affects Community by PeepSo: from n/a through 6.0.9.0.

Published: March 26, 2024; 4:15:08 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-27459

Deserialization of Untrusted Data vulnerability in WPEverest User Registration.This issue affects User Registration: from n/a through 2.3.2.1.

Published: March 26, 2024; 4:15:08 PM -0400
V3.x:(not available)
V2.0:(not available)