Lucene search
K

5111 matches found

NVD
NVD
added 2024/12/07 2:15 a.m.13 views

CVE-2024-11353

The SMS for Lead Capture Forms plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deletemessage function in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS0.00298EPSS
Exploits0References3
CVE
CVE
added 2024/12/07 1:45 a.m.39 views

CVE-2024-11353

CVE-2024-11353 affects the WordPress plugin SMS for Lead Capture Forms (ClickSend Lead Capture Form). The vulnerability is a missing capability check in the delete_message() function across all versions up to 1.1.0, allowing authenticated attackers with Subscriber+ privileges to perform unauthori...

4.3CVSS4.4AI score0.00298EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/07 12:0 a.m.5 views

WordPress plugin SMS for Lead Capture Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

4.3CVSS8.2AI score0.00298EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/12/06 1:10 p.m.5 views

WordPress SMS for Lead Capture Forms plugin <= 1.1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Message Deletion vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Message Deletion vulnerability discovered by Mika in WordPress Plugin SMS for Lead Capture Forms versions = 1.1.0...

4.3CVSS7AI score0.00298EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2024/12/06 12:0 a.m.3 views

Wyse Management Suite Authentication Bypass Vulnerability

Wyse Management Suite is Dell's hybrid cloud security management solution for Wyse thin client devices, designed to simplify IT management processes and enhance device security. An authentication bypass vulnerability exists in Wyse Management Suite, which stems from a vulnerability that includes...

7.6CVSS6.9AI score0.00534EPSS
Exploits0References1
OSV
OSV
added 2024/12/02 8:15 a.m.1 views

UBUNTU-CVE-2024-53104

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in...

7.8CVSS6.3AI score0.03301EPSS
Exploits1References59
Fedora
Fedora
added 2024/12/01 3:53 a.m.14 views

[SECURITY] Fedora 41 Update: wireshark-4.4.2-1.fc41

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

7.8CVSS7AI score0.00299EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2024/11/29 12:0 a.m.7 views

The vulnerability of the capture_packages function in multifunctional wireless access points of Advantech EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO allows a intruder to execute arbitrary commands.

The vulnerability of the capturepackages function in multifunctional wireless access points of Advantech EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO is related to the lack of measures to neutralize special elements. Exploiting this vulnerability could allow a remote attacker to execute...

10CVSS8.3AI score0.01485EPSS
Exploits0References2Affected Software3
OSV
OSV
added 2024/11/26 11:22 a.m.2 views

CVE-2024-50374

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The vulnerability can be exploited by remote...

9.8CVSS7.4AI score0.01485EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/26 10:56 a.m.13 views

CVE-2024-50374

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G = 1.6.3, EKI-6333AC-2GD = v1.6.3 and EKI-6333AC-1GPO = v1.2.1. The vulnerability can be exploited by remote...

9.8CVSS0.01485EPSS
Exploits0References1
OSV
OSV
added 2024/11/26 3:15 a.m.3 views

CVE-2024-49595

Dell Wyse Management Suite, version WMS 4.4 and before, contain an Authentication Bypass by Capture-replay vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service...

4.9CVSS5.8AI score0.00534EPSS
Exploits0References1
NVD
NVD
added 2024/11/26 3:15 a.m.11 views

CVE-2024-49595

Dell Wyse Management Suite, version WMS 4.4 and before, contain an Authentication Bypass by Capture-replay vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service...

7.6CVSS0.00534EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/26 2:46 a.m.23 views

CVE-2024-49595

Dell Wyse Management Suite, version WMS 4.4 and before, contain an Authentication Bypass by Capture-replay vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service...

7.6CVSS0.00534EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/26 2:46 a.m.13 views

CVE-2024-49595

Dell Wyse Management Suite, version WMS 4.4 and before, contain an Authentication Bypass by Capture-replay vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service...

7.6CVSS6.8AI score0.00534EPSS
Exploits0References1
CVE
CVE
added 2024/11/26 2:46 a.m.66 views

CVE-2024-49595

CVE-2024-49595 affects Dell Wyse Management Suite (WMS) 4.4 and earlier, due to an Authentication Bypass by Capture‑Replay. The public documents show that a remote, high-privilege attacker could exploit this to cause a Denial of Service. Connected sources corroborate related issues in the same pr...

7.6CVSS6.8AI score0.00534EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/11/26 12:0 a.m.10 views

Dell Wyse Management Suite 安全漏洞

Wyse Management Suite is Dell's hybrid cloud security management solution for Wyse thin client devices, designed to simplify IT management processes and enhance device security. An authentication bypass vulnerability exists in Wyse Management Suite, which stems from a vulnerability that includes...

7.6CVSS6.9AI score0.00534EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/11/25 12:0 a.m.4 views

The vulnerability of the FiveCo RAP traffic analyzer of Wireshark allows a hacker to cause a service failure.

The vulnerability of the FiveCo RAP traffic analyzer of Wireshark relates to the execution of a loop with an unavailable exit condition. Exploiting this vulnerability can allow attackers to cause service failures by injecting specially crafted packets or capture files...

7.8CVSS6.6AI score0.00268EPSS
Exploits0References4Affected Software2
SUSE CVE
SUSE CVE
added 2024/11/22 4:5 a.m.4 views

SUSE CVE-2024-11595

FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file...

7.5CVSS7.2AI score0.00268EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2024/11/21 7:26 p.m.15 views

CVE-2024-50288

In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix buffer overwrite when using 32 buffers The maximum number of buffers that can be requested was increased to 64 for the video capture queue. But video capture used a mustblank array that was still sized for 32...

5.5CVSS7.1AI score0.00186EPSS
Exploits0References4
NVD
NVD
added 2024/11/21 11:15 a.m.9 views

CVE-2024-11596

ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file...

7.8CVSS0.00299EPSS
Exploits1References2
Rows per page
Query Builder