ReportizFlow
Filtered by vendor
Subscriptions
Total
323514 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-6413 | 2024-11-15 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-2414. Reason: This candidate is a reservation duplicate of CVE-2023-2414. Notes: All CVE users should reference CVE-2023-2414 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | ||||
| CVE-2024-51882 | 1 Ehues | 1 Gboy Custom Google Map | 2024-11-15 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ehues Gboy Custom Google Map allows Blind SQL Injection.This issue affects Gboy Custom Google Map: from n/a through 1.2. | ||||
| CVE-2024-52356 | 1 Webangon | 1 The Pack Elementor Addons | 2024-11-15 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webangon The Pack Elementor addons allows Stored XSS.This issue affects The Pack Elementor addons: from n/a through 2.1.0. | ||||
| CVE-2024-52357 | 1 Lqd | 1 Liquid Blocks | 2024-11-15 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LIQUID DESIGN Ltd. LIQUID BLOCKS allows Stored XSS.This issue affects LIQUID BLOCKS: from n/a through 1.2.0. | ||||
| CVE-2024-52379 | 1 Kinetic Innovative Technologies Sdn Bhd | 1 Kineticpay For Woocommerce | 2024-11-15 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Kinetic Innovative Technologies Sdn Bhd kineticPay for WooCommerce allows Upload a Web Shell to a Web Server.This issue affects kineticPay for WooCommerce: from n/a through 2.0.8. | ||||
| CVE-2024-52377 | 1 Bdthemes | 1 Instant Image Generator | 2024-11-15 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in BdThemes Instant Image Generator allows Upload a Web Shell to a Web Server.This issue affects Instant Image Generator: from n/a through 1.5.4. | ||||
| CVE-2024-48966 | 1 Baxter | 1 Life2000 Ventilator Firmware | 2024-11-15 | 10 Critical |
| The software tools used by service personnel to test & calibrate the ventilator do not support user authentication. An attacker with access to the Service PC where the tools are installed could obtain diagnostic information through the test tool or manipulate the ventilator's settings and embedded software via the calibration tool, without having to authenticate to either tool. This could result in unauthorized disclosure of information and/or have unintended impacts on device settings and performance. | ||||
| CVE-2024-52376 | 1 Cmsminds | 1 Boat Rental Plugin For Wordpress | 2024-11-15 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in cmsMinds Boat Rental Plugin for WordPress allows Upload a Web Shell to a Web Server.This issue affects Boat Rental Plugin for WordPress: from n/a through 1.0.1. | ||||
| CVE-2024-52375 | 1 Arttia Creative | 1 Datasets Manager | 2024-11-15 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Arttia Creative Datasets Manager by Arttia Creative.This issue affects Datasets Manager by Arttia Creative: from n/a through 1.5. | ||||
| CVE-2024-52374 | 1 Dothattask | 1 Do That Task | 2024-11-15 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in DoThatTask Do That Task allows Upload a Web Shell to a Web Server.This issue affects Do That Task: from n/a through 1.5.5. | ||||
| CVE-2024-10691 | 2024-11-15 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-9530. Reason: This candidate is a reservation duplicate of CVE-2024-9530. Notes: All CVE users should reference CVE-2024-9530 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | ||||
| CVE-2024-52373 | 1 Team Devexhub | 1 Devexhub Gallery | 2024-11-15 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Team Devexhub Devexhub Gallery allows Upload a Web Shell to a Web Server.This issue affects Devexhub Gallery: from n/a through 2.0.1. | ||||
| CVE-2024-9834 | 1 Baxter | 1 Life2000 Ventilator Firmware | 2024-11-15 | 9.3 Critical |
| Improper data protection on the ventilator's serial interface could allow an attacker to send and receive messages that result in unauthorized disclosure of information and/or have unintended impacts on device settings and performance. | ||||
| CVE-2024-48967 | 1 Baxter | 1 Life2000 Ventilator Firmware | 2024-11-15 | 10 Critical |
| The ventilator and the Service PC lack sufficient audit logging capabilities to allow for detection of malicious activity and subsequent forensic examination. An attacker with access to the ventilator and/or the Service PC could, without detection, make unauthorized changes to ventilator settings that result in unauthorized disclosure of information and/or have unintended impacts on device performance. | ||||
| CVE-2024-24984 | 2024-11-15 | 6.5 Medium | ||
| Improper input validation for some Intel(R) Wireless Bluetooth(R) products for Windows before version 23.40 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||||
| CVE-2024-23312 | 1 Intel Binary Configuration Tool Software For Windows | 1 Intel Binary Configuration Tool Software For Windows | 2024-11-15 | 6.7 Medium |
| Uncontrolled search path for some Intel(R) Binary Configuration Tool software for Windows before version 3.4.5 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-21850 | 1 Intel | 1 Tdx Module Software | 2024-11-15 | 6 Medium |
| Sensitive information in resource not removed before reuse in some Intel(R) TDX Seamldr module software before version 1.5.02.00 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-21799 | 2024-11-15 | 7.1 High | ||
| Path traversal for some Intel(R) Extension for Transformers software before version 1.5 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-21783 | 2024-11-15 | 4.8 Medium | ||
| Integer overflow for some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-33617 | 2024-11-15 | 5.9 Medium | ||
| Insufficient control flow management in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. | ||||