CVE-2024-38737

Technical details about CVE-2024-38737 are not present in the provided connected documents. Public information in these sources does not specify affected versions, root cause, impact, or remediation. Monitor for updates from official advisories and CVE records.

CVE-2024-38783

CVE-2024-38783 concerns the WordPress plugin Arconix FAQ (

CVE-2024-43159 WordPress Masteriyo LMS plugin <= 1.11.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in masteriyo Masteriyo - LMS learning-management-system.This issue affects Masteriyo - LMS: from n/a through = 1.11.6...

CVE-2024-43159

CVE-2024-43159 is a Missing Authorization vulnerability in WordPress Masteriyo LMS plugin affecting versions up to 1.11.6. Public details describe that access to functionality is not properly constrained by ACLs, enabling unauthorized access. Available connected sources consistently state the iss...

CVE-2024-43253 WordPress Smart Online Order for Clover plugin <= 1.5.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders.This issue affects Smart Online Order for Clover: from n/a through = 1.5.6...

CVE-2024-43923 WordPress Timetics plugin <= 1.0.23 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arraytics Timetics allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Timetics: from n/a through 1.0.23...

CVE-2024-43979

CVE-2024-43979 is a Missing Authorization vulnerability in CozyThemes Blockbooster for WordPress. The flaw affects Blockbooster versions

CVE-2024-43998

CVE-2024-43998 : Blogpoet theme has a Missing Authorization (ACL) vulnerability that lets an unauthenticated actor access functions not properly constrained by ACLs in Blogpoet versions n/a–1.0.3. The credible connected documents describe the root cause as missing authorization around plugin/feat...

CVE-2024-47321

CVE-2024-47321 affects WordPress WP Datepicker

CVE-2024-10654 TOTOLINK LR350 formLoginAuth.htm authorization

A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /formLoginAuth.htm. The manipulation of the argument authCode with the input 1 leads to authorization bypass. The attack can be...

JetBrains YouTrack < 2024.3.47707 Multiple Vulnerabilities

The version of JetBrains YouTrack installed on the remote host is prior to 2024.3.47707. It is, therefore, affected by multiple vulnerabilities as referenced in the vendor advisory. - Potential ReDoS exploit was possible via email header parsing in Helpdesk functionality CVE-2024-50574 - Reflecte...

PT-2025-23521 · Hewlett Packard · Hpe Storeonce

Name of the Vulnerable Software and Affected Versions: HPE StoreOnce Software affected versions not specified Description: A directory traversal information disclosure issue exists. This allows for potential information disclosure due to directory traversal vulnerabilities in the getServerPayload...

CVE-2024-48311

CVE-2024-48311 affects Piwigo v14.5.0 and is a Cross-Site Request Forgery (CSRF) vulnerability via the Edit album function. The CVSS v3.1 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) yields a base score of 8.8 (HIGH). The available connected documents confirm the flaw is in Piwigo 14.5.0 and desc...

CVE-2024-24777

A cross-site request forgery CSRF vulnerability exists in the Web Application functionality of the LevelOne WBR-6012 R0.40e6. A specially crafted HTTP request can lead to unauthorized access. An attacker can stage a malicious web page to trigger this vulnerability...

CVE-2024-50574

In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality...

CVE-2024-50574

In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality...

CVE-2024-50574

In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality...

CVE-2024-50574

JetBrains YouTrack before 2024.3.47707 is affected by CVE-2024-50574: a potential ReDoS via email header parsing in Helpdesk. The issue is described in multiple sources as a denial of service risk with availability impact (per CVSS notes: HIGH). No explicit exploit details or active exploit statu...

NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability due to excessive loop iteration

Talos Vulnerability Report TALOS-2024-2013 NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability due to excessive loop iteration October 23, 2024 CVE Number CVE-2024-0118 SUMMARY An out-of-bounds read vulnerability exists in the Shader Functionality functionality of NVIDIA D3D...

NVIDIA D3D10 Driver Shader Functionality MOV instruction out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-2015 NVIDIA D3D10 Driver Shader Functionality MOV instruction out-of-bounds read vulnerability October 23, 2024 CVE Number CVE-2024-0119 SUMMARY An out-of-bounds read vulnerability exists in the Shader Functionality functionality of NVIDIA D3D10 Driver 555.99...