Show filters
70 Total Results
Displaying 11-20 of 70
Sort by:
Attacker Value
Unknown

CVE-2024-50417

Disclosure Date: November 19, 2024 (last updated January 13, 2025)
Missing Authorization vulnerability in BoldThemes Bold Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bold Page Builder: from n/a through 5.1.3.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-52417

Disclosure Date: November 18, 2024 (last updated November 19, 2024)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BoldThemes ReConstruction allows Reflected XSS.This issue affects ReConstruction: from n/a through 1.4.7.
0
0
Attacker Value
Unknown

CVE-2024-47298

Disclosure Date: October 06, 2024 (last updated January 12, 2025)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 5.1.1.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-45246

Disclosure Date: October 06, 2024 (last updated October 07, 2024)
Diebold Nixdorf – CWE-427: Uncontrolled Search Path Element
0
0
Attacker Value
Unknown

CVE-2024-45245

Disclosure Date: October 06, 2024 (last updated October 06, 2024)
Diebold Nixdorf – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
0
0
Attacker Value
Unknown

CVE-2024-47391

Disclosure Date: October 05, 2024 (last updated January 12, 2025)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a before 5.1.1.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-5359

Disclosure Date: September 25, 2024 (last updated October 01, 2024)
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visible plugin source. This can allow unauthenticated attackers to impersonate W3 Total Cache and gain access to user account information in successful conditions. This would not impact the WordPress users site in any way.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-43294

Disclosure Date: August 18, 2024 (last updated August 19, 2024)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BoldThemes Bold Timeline Lite allows Stored XSS.This issue affects Bold Timeline Lite: from n/a through 1.2.0.
0
0
Attacker Value
Unknown

CVE-2023-40261

Disclosure Date: August 08, 2024 (last updated August 20, 2024)
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR17, 4.0.0 SR07, 4.1.0 SR04, 4.2.0 SR04, and 4.3.0 SR02 fails to validate file attributes during the Pre-Boot Authorization (PBA) process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk.
Attack Vector: PhysicalPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-33206

Disclosure Date: August 08, 2024 (last updated August 20, 2024)
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR16, 4.0.0 SR06, 4.1.0 SR04, 4.2.0 SR03, and 4.3.0 SR01 fails to validate symlinks during the Pre-Boot Authorization (PBA) process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk.
Attack Vector: PhysicalPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous  Next >