CVE-2024-10365 (v3: 4.3) 20 Nov 2024
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Sensitive... Read more ➔
CVE-2024-52506 18 Nov 2024
Graylog is a free and open log management platform. The reporting functionality in Graylog allows the creation and scheduling of reports which contain... Read more ➔
CVE-2024-43416 18 Nov 2024
GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17, an unauthenticated user can use an app... Read more ➔
CVE-2020-3525 18 Nov 2024
A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to recover service account p... Read more ➔
CVE-2024-45791 18 Nov 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: before 1.6.1. Use... Read more ➔
CVE-2024-52513 15 Nov 2024
Nextcloud Server is a self hosted personal cloud system. After receiving a "Files drop" or "Password protected" share link a malicious user was able t... Read more ➔
CVE-2024-52508 15 Nov 2024
Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is trying to set up a mail account with an email addres... Read more ➔
CVE-2024-52523 15 Nov 2024
Nextcloud Server is a self hosted personal cloud system. After setting up a user or administrator defined external storage with fixed credentials, the... Read more ➔
CVE-2024-52517 15 Nov 2024
Nextcloud Server is a self hosted personal cloud system. After storing "Global credentials" on the server, the API returns them and adds them into the... Read more ➔
CVE-2022-20648 (v3: 5.3) 15 Nov 2024
A vulnerability in a debug function for Cisco RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to perform debug actions t... Read more ➔
CVE-2024-8979 (v3: 8) 15 Nov 2024
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to S... Read more ➔
CVE-2024-3502 14 Nov 2024
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability exists where account recovery hashes of users are inad... Read more ➔
CVE-2024-3501 14 Nov 2024
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability exists due to the inclusion of single-use tokens in th... Read more ➔
CVE-2024-48900 13 Nov 2024
A vulnerability was found in Moodle. Additional checks are required to ensure users with permission to view badge recipients can only access lists of... Read more ➔
CVE-2024-10352 (v3: 4.3) 9 Nov 2024
The Magical Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.4 via... Read more ➔
CVE-2024-8756 (v3: 5.3) 9 Nov 2024
The Quform - WordPress Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.20.0... Read more ➔
CVE-2024-10285 (v3: 9.8) 9 Nov 2024
The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the plugin-log.txt in versions up to, and including, 2.2.0.... Read more ➔
CVE-2024-52001 8 Nov 2024
Combodo iTop is a simple, web based IT Service Management tool. In affected versions portal users are able to access forbidden services information. T... Read more ➔
CVE-2024-48011 8 Nov 2024
Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. A low privileg... Read more ➔
CVE-2024-10965 7 Nov 2024
A vulnerability classified as problematic was found in emqx neuron up to 2.10.0. Affected by this vulnerability is an unknown functionality of the fil... Read more ➔
CVE-2024-50342 6 Nov 2024
symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously... Read more ➔
CVE-2024-20507 6 Nov 2024
A vulnerability in the logging subsystem of Cisco Meeting Management could allow an authenticated, remote attacker to view sensitive information in cl... Read more ➔
CVE-2024-20457 6 Nov 2024
A vulnerability in the logging component of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an authen... Read more ➔
CVE-2024-20445 6 Nov 2024
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthen... Read more ➔