Latest CVE Feed
-
10.0
CVSS31CVE-2024-49216
Unrestricted Upload of File with Dangerous Type vulnerability in Joshua Clayton Feed Comments Number allows Upload a Web Shell to a Web Server.This issue affects Feed Comments Number: from n/a through 0.2.1.... Read more
Affected Products :- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
9.9
CVSS31CVE-2024-48035
Unrestricted Upload of File with Dangerous Type vulnerability in Takayuki Imanishi ACF Images Search And Insert allows Upload a Web Shell to a Web Server.This issue affects ACF Images Search And Insert: from n/a through 1.1.4.... Read more
Affected Products :- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
9.9
CVSS31CVE-2024-48034
Unrestricted Upload of File with Dangerous Type vulnerability in Fliperrr Team Creates 3D Flipbook, PDF Flipbook allows Upload a Web Shell to a Web Server.This issue affects Creates 3D Flipbook, PDF Flipbook: from n/a through 1.2.... Read more
Affected Products :- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
9.8
CVSS31CVE-2024-48030
Deserialization of Untrusted Data vulnerability in Gabriele Valenti Telecash Ricaricaweb allows Object Injection.This issue affects Telecash Ricaricaweb: from n/a through 2.2.... Read more
Affected Products :- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
7.5
CVSS31CVE-2024-48029
: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Hung Trang Si SB Random Posts Widget allows PHP Local File Inclusion.This issue affects SB Random Posts Widget: from n/a through 1.0... Read more
Affected Products :- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
9.8
CVSS31CVE-2024-48028
Deserialization of Untrusted Data vulnerability in Boyan Raichev IP Loc8 allows Object Injection.This issue affects IP Loc8: from n/a through 1.1.... Read more
Affected Products :- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
9.9
CVSS31CVE-2024-48027
Unrestricted Upload of File with Dangerous Type vulnerability in xaraartech External featured image from bing allows Upload a Web Shell to a Web Server.This issue affects External featured image from bing: from n/a through 1.0.2.... Read more
Affected Products :- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
9.8
CVSS31CVE-2024-48026
Deserialization of Untrusted Data vulnerability in Grayson Robbins Disc Golf Manager allows Object Injection.This issue affects Disc Golf Manager: from n/a through 1.0.0.... Read more
Affected Products :- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
9.1
CVSS31CVE-2024-47649
Unrestricted Upload of File with Dangerous Type vulnerability in THATplugin Iconize.This issue affects Iconize: from n/a through 1.2.4.... Read more
Affected Products :- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
7.5
CVSS31CVE-2024-47645
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Sajid Javed Top Bar – PopUps – by WPOptin allows PHP Local File Inclusion.This issue affects Top Bar – PopUps – by WPOptin: from n/a through 2.0.1.... Read more
Affected Products :- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
8.8
CVSS31CVE-2024-47637
: Relative Path Traversal vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Path Traversal.This issue affects LiteSpeed Cache: from n/a through 6.4.1.... Read more
Affected Products : litespeed_cache- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
7.5
CVSS31CVE-2024-47351
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The CSSIgniter Team MaxSlider allows Path Traversal.This issue affects MaxSlider: from n/a through 1.2.3.... Read more
Affected Products :- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
5.5
CVSS31CVE-2024-22034
Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim... Read more
Affected Products :- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
6.3
CVSS31CVE-2024-22033
The OBS service obs-service-download_url was vulnerable to a command injection vulnerability. The attacker could provide a configuration to the service that allowed to execute command in later steps... Read more
Affected Products :- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
6.5
CVSS31CVE-2024-22032
A vulnerability has been identified in which an RKE1 cluster keeps constantly reconciling when secrets encryption configuration is enabled. When reconciling, the Kube API secret values are written in plaintext on the AppliedSpec. Cluster owners, Cluste... Read more
Affected Products : rancher- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
8.0
CVSS31CVE-2024-22030
A vulnerability has been identified within Rancher that can be exploited in narrow circumstances through a man-in-the-middle (MITM) attack. An attacker would need to have control of an expired domain or execute a DNS spoofing/hijacking attack against t... Read more
Affected Products : rancher- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
7.8
CVSS31CVE-2024-22029
Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root... Read more
Affected Products :- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
5.9
CVSS31CVE-2023-32189
Insecure handling of ssh keys used to bootstrap clients allows local attackers to potentially gain access to the keys... Read more
Affected Products :- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
9.1
CVSS31CVE-2024-49271
: Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows : Command Injection.This issue affects Unlimited Elements For Elementor (... Read more
Affected Products : unlimited_elements_for_elementor- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
10.0
CVSS31CVE-2024-49257
Unrestricted Upload of File with Dangerous Type vulnerability in Denis Azz Anonim Posting allows Upload a Web Shell to a Web Server.This issue affects Azz Anonim Posting: from n/a through 0.9.... Read more
Affected Products :- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024