Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-32536 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Trade Pips WP TradingView allows Stored XSS.This issue affects WP TradingView: from n/a through 1.7. Published: April 17, 2024; 5:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32535 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jojaba Access Category Password allows Reflected XSS.This issue affects Access Category Password: from n/a through 1.5.1. Published: April 17, 2024; 5:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32534 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Stored XSS.This issue affects Form Maker by 10Web: from n/a through 1.15.23. Published: April 17, 2024; 5:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32533 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Shaw LH Add Media From Url allows Reflected XSS.This issue affects LH Add Media From Url: from n/a through 1.22. Published: April 17, 2024; 5:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-24856 |
The memory allocation function ACPI_ALLOCATE_ZEROED does not guarantee a successful allocation, but the subsequent code directly dereferences the pointer that receives it, which may lead to null pointer dereference. To fix this issue, a null pointer check should be added. If it is null, return exception code AE_NO_MEMORY. Published: April 17, 2024; 5:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-36505 |
Improper Input Validation vulnerability in Saturday Drive Ninja Forms Contact Form.This issue affects Ninja Forms Contact Form : from n/a through 3.6.24. Published: April 17, 2024; 5:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-25043 |
Incorrect Authorization vulnerability in Supsystic Data Tables Generator.This issue affects Data Tables Generator: from n/a through 1.10.25. Published: April 17, 2024; 5:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3847 |
Insufficient policy enforcement in WebUI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low) Published: April 17, 2024; 4:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3846 |
Inappropriate implementation in Prompts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) Published: April 17, 2024; 4:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3845 |
Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass mixed content policy via a crafted HTML page. (Chromium security severity: Low) Published: April 17, 2024; 4:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3844 |
Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low) Published: April 17, 2024; 4:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3843 |
Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Published: April 17, 2024; 4:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3841 |
Insufficient data validation in Browser Switcher in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to inject scripts or HTML into a privileged page via a malicious file. (Chromium security severity: Medium) Published: April 17, 2024; 4:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3840 |
Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) Published: April 17, 2024; 4:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3839 |
Out of bounds read in Fonts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) Published: April 17, 2024; 4:15:10 AM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2024-3838 |
Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform UI spoofing via a crafted app. (Chromium security severity: Medium) Published: April 17, 2024; 4:15:10 AM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2024-3837 |
Use after free in QUIC in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Published: April 17, 2024; 4:15:10 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2024-3834 |
Use after free in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Published: April 17, 2024; 4:15:10 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2024-3833 |
Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) Published: April 17, 2024; 4:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3832 |
Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) Published: April 17, 2024; 4:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |