350 matches found
WordPress MailMunch – Grow your Email List plugin <= 3.1.8 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin MailMunch – Grow your Email List versions = 3.1.8...
CVE-2024-11517
creationtimestamp| type| source ---|---|--- 2024-11-21 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-24-1597/...
CVE-2024-50849
creationtimestamp| type| source ---|---|--- 2024-11-18 20:23:14+00:00| seen| https://infosec.exchange/users/cve/statuses/113505821918325381 2024-11-18 23:14:30+00:00| seen| https://t.me/cvedetector/11385 2025-09-25 00:36:28+00:00| seen| MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51...
CVE-2024-10344 Unauthenticated Denial of Service via Refuse Function
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service DoS via the refuse function was identified. Reported by Karol Więsek...
CVE-2024-51780
creationtimestamp| type| source ---|---|--- 2024-11-09 09:42:45+00:00| seen| https://infosec.exchange/users/cve/statuses/113452342614369625 2024-11-09 12:27:12+00:00| seen| https://t.me/cvedetector/10303...
CVE-2024-50140
creationtimestamp| type| source ---|---|--- 2024-11-07 09:34:20+00:00| seen| https://infosec.exchange/users/cve/statuses/113440984929040866 2024-11-07 09:37:13+00:00| seen| https://infosec.exchange/users/cve/statuses/113440996222790807...
CVE-2024-38821
creationtimestamp| type| source ---|---|--- 2024-10-28 09:28:03+00:00| seen| https://t.me/cvedetector/9093 2024-10-29 05:03:03+00:00| seen| https://t.me/CyberBulletin/26249 2024-10-29 05:03:03+00:00| seen| https://t.me/CyberBulletin/1305 2025-01-23 13:31:51+00:00| seen|...
CVE-2024-20329
creationtimestamp| type| source ---|---|--- 2024-10-23 19:54:30+00:00| seen| https://t.me/cvedetector/8732 2024-10-24 07:47:40+00:00| seen| https://t.me/CyberBulletin/1241 2024-10-24 07:47:40+00:00| seen| https://t.me/CyberBulletin/26176 2024-10-24 18:00:07+00:00| exploited|...
CVE-2024-21254
...
CVE-2024-21231
...
[SECURITY] Fedora 41 Update: znc-clientbuffer-0-0.28.20190129git9766a4a.fc41
The client buffer module maintains client specific buffers for identified clients...
PT-2024-38729 · Palo Alto Networks · Prisma Access Browser
Name of the Vulnerable Software and Affected Versions: Prisma Access Browser affected versions not specified Description: A security issue has been identified in Prisma Access Browser. For more information, refer to the monthly vulnerability updates. Recommendations: At the moment, there is no...
CVE-2024-38237
creationtimestamp| type| source ---|---|--- 2024-09-10 17:25:32+00:00| seen| https://www.thezdi.com/blog/2024/9/10/the-september-2024-security-update-review...
PT-2024-29424 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: A vulnerability has been identified, but details are not provided in the given information. There is a mention of a resource for vulnerability scanning. Recommendations: At the moment,...
MAL-2024-7801 Malicious code in slo-schema (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 43e18d91b3514c4d1f87bbc68730da7b0ce3213e132d2133cb2ee0d06bc07504 The OpenSSF Package Analysis project identified 'slo-schema' @ 10.20.2 npm as malicious. It is considered malicious because: - The package...
CVE-2024-21151
...
Read private customer data reclaiming carts in Klaviyo Magento
A researcher identified an endpoint in a thirth party module Klaviyo Magento 2 which allows to read private customer data from stores. It works by reclaiming any guest-cart as your own and reading the private data for the orders in the Magento API...
CVE-2024-21086
...
CVE-2024-21057
...
CVE-2024-3098 Prompt Injection leading to Arbitrary Code Execution in run-llama/llama_index
A vulnerability was identified in the executils class of the llamaindex package, specifically within the safeeval function, allowing for prompt injection leading to arbitrary code execution. This issue arises due to insufficient validation of input, which can be exploited to bypass method...