Latest CVE Feed
-
5.4
MEDIUMCVE-2020-24061
Cross Site Scripting (XSS) Vulnerability in Firewall menu in Control Panel in KASDA KW5515 version 4.3.1.0, allows attackers to execute arbitrary code and steal cookies via a crafted script... Read more
- Published: Sep. 12, 2024
- Modified: Sep. 13, 2024
-
7.6
HIGHCVE-2024-43966
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stark Digital WP Testimonial Widget.This issue affects WP Testimonial Widget: from n/a through 3.1.... Read more
Affected Products : wp_testimonial_widget- Published: Aug. 26, 2024
- Modified: Sep. 13, 2024
-
9.8
CRITICALCVE-2024-8695
A remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2.... Read more
Affected Products : desktop- Published: Sep. 12, 2024
- Modified: Sep. 13, 2024
-
9.8
CRITICALCVE-2024-8696
A remote code execution (RCE) vulnerability via crafted extension publisher-url/additional-urls could be abused by a malicious extension in Docker Desktop before 4.34.2.... Read more
Affected Products : desktop- Published: Sep. 12, 2024
- Modified: Sep. 13, 2024
-
6.9
MEDIUMCVE-2024-8605
A vulnerability classified as problematic was found in code-projects Inventory Management 1.0. This vulnerability affects unknown code of the file /view/registration.php of the component Registration Form. The manipulation with the input <script>alert(1)<... Read more
Affected Products : inventory_management- Published: Sep. 09, 2024
- Modified: Sep. 13, 2024
-
5.5
MEDIUMCVE-2024-45406
Craft is a content management system (CMS). Craft CMS 5 stored XSS can be triggered by the breadcrumb list and title fields with user input.... Read more
Affected Products : craft_cms- Published: Sep. 09, 2024
- Modified: Sep. 13, 2024
-
7.2
HIGHCVE-2024-44871
An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows attackers to execute arbitrary code via uploading a crafted file.... Read more
Affected Products : mozilocms- Published: Sep. 10, 2024
- Modified: Sep. 13, 2024
-
6.1
MEDIUMCVE-2024-44872
A reflected cross-site scripting (XSS) vulnerability in moziloCMS v3.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.... Read more
Affected Products : mozilocms- Published: Sep. 10, 2024
- Modified: Sep. 13, 2024
-
7.8
HIGHCVE-2024-38252
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_21h2 windows_11_22h2 windows +5 more products- Published: Sep. 10, 2024
- Modified: Sep. 13, 2024
-
7.8
HIGHCVE-2024-38253
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability... Read more
- Published: Sep. 10, 2024
- Modified: Sep. 13, 2024
-
6.2
MEDIUMCVE-2024-38254
Windows Authentication Information Disclosure Vulnerability... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_21h2 windows_11_22h2 windows_10_1507 +6 more products- Published: Sep. 10, 2024
- Modified: Sep. 13, 2024
-
7.1
HIGHCVE-2023-41884
ZoneMinder is a free, open source Closed-circuit television software application. In WWW/AJAX/watch.php, Line: 51 takes a few parameter in sql query without sanitizing it which makes it vulnerable to sql injection. This vulnerability is fixed in 1.36.34.... Read more
Affected Products : zoneminder- Published: Aug. 12, 2024
- Modified: Sep. 13, 2024
-
5.5
MEDIUMCVE-2024-38256
Windows Kernel-Mode Driver Information Disclosure Vulnerability... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_10_1507 windows +4 more products- Published: Sep. 10, 2024
- Modified: Sep. 13, 2024
-
7.5
HIGHCVE-2024-38258
Windows Remote Desktop Licensing Service Information Disclosure Vulnerability... Read more
- Published: Sep. 10, 2024
- Modified: Sep. 13, 2024
-
7.5
HIGHCVE-2024-38263
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability... Read more
- Published: Sep. 10, 2024
- Modified: Sep. 13, 2024
-
8.8
HIGHCVE-2024-38260
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability... Read more
- Published: Sep. 10, 2024
- Modified: Sep. 13, 2024
-
7.1
HIGHCVE-2024-43454
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability... Read more
- Published: Sep. 10, 2024
- Modified: Sep. 13, 2024
-
9.8
CRITICALCVE-2024-43455
Windows Remote Desktop Licensing Service Spoofing Vulnerability... Read more
- Published: Sep. 10, 2024
- Modified: Sep. 13, 2024
-
7.2
HIGHCVE-2024-43464
Microsoft SharePoint Server Remote Code Execution Vulnerability... Read more
Affected Products : sharepoint_server- Published: Sep. 10, 2024
- Modified: Sep. 13, 2024
-
7.8
HIGH- Published: Sep. 10, 2024
- Modified: Sep. 13, 2024