CVE-2025-10498 Ninja Forms – The Contact Form Builder That Grows With You <= 3.12.0 - Cross-Site Request Forgery to Limited File Deletion

The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.12.0. This is due to missing or incorrect nonce validation when exporting CSV files. This makes it possible for unauthenticated...

CVE-2024-10498

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow an unauthorized attacker to modify configuration values outside of the normal range when the attacker sends specific Modbus write packets to the device which could result in...

CVE-2024-10498

creationtimestamp| type| source ---|---|--- 2025-01-17 10:33:25+00:00| seen| https://infosec.exchange/users/cve/statuses/113843241291825195 2025-01-17 10:57:01+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2116 2025-01-17 11:15:23+00:00| seen|...

CVE-2024-10498

Schneider Electric PowerLogic HDPM6000 is affected (CVE-2024-10498) by CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer. A memory-buffer bounds violation allows a remote attacker to modify configuration values outside the permitted range by sending specific Modbus ...

CVE-2024-10498

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow an unauthorized attacker to modify configuration values outside of the normal range when the attacker sends specific Modbus write packets to the device which could result in...

CVE-2024-10498

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow an unauthorized attacker to modify configuration values outside of the normal range when the attacker sends specific Modbus write packets to the device which could result in...

CVE-2020-10498

CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request...

CVE-2020-10498

CVE-2020-10498 affects Chadha PHPKB Standard Multi-Language 9. A CSRF vulnerability in admin/edit-category.php allows an attacker to edit a category by sending a crafted request (no explicit authentication bypass described). Root cause: missing/insufficient CSRF protection on the edit-category en...

CVE-2019-10498

Buffer overflow scenario if the client sends more than 5 iovec requests to the server in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640...

CVE-2019-10498

CVE-2019-10498 describes a buffer overflow in a Qualcomm closed‑source component triggered when a client sends more than 5 io_vec requests to the server. Affected products span Snapdragon Auto/Compute, Snapdragon IoT devices, and related Snapdragon/SDM families (e.g., SD 210–855, various Snapdrag...

CVE-2018-10498

CVE-2018-10498 affects Samsung Email and stems from improper validation in the handling of file:/// URIs, enabling local attackers with low-privilege code execution to read arbitrary files and disclose sensitive information. The issue requires local access and is documented with the ZDI advisory ...

CVE-2016-10498

CVE-2016-10498 affects Android devices with Qualcomm Snapdragon platforms (e.g., MDM9635M/9645/9650/9655, SD 210–650 series, SDM630/636/660, Snapdragon_High_Med_2016). The issue arises when stopping of the DTR occurs prematurely, which can cause the micro kernel to become stuck; the trigger is a ...

Fedora Core 11 FEDORA-2009-10498 (rt3)

The remote host is missing an update to rt3 announced via advisory FEDORA-2009-10498. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...