Show filters
298,052 Total Results
Displaying 1-10 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Unknown

CVE-2023-6371

Disclosure Date: March 28, 2024 (last updated March 28, 2024)
An issue has been discovered in GitLab CE/EE affecting all versions before 16.8.5, all versions starting from 16.9 before 16.9.3, all versions starting from 16.10 before 16.10.1. A wiki page with a crafted payload may lead to a Stored XSS, allowing attackers to perform arbitrary actions on behalf of victims.
0
Attacker Value
Unknown

CVE-2023-52628

Disclosure Date: March 28, 2024 (last updated March 28, 2024)
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv->len is a multiple of 4, then dst[len / 4] can write past the destination array which leads to stack corruption. This construct is necessary to clean the remainder of the register in case ->len is NOT a multiple of the register size, so make it conditional just like nft_payload.c does. The bug was added in 4.1 cycle and then copied/inherited when tcp/sctp and ip option support was added. Bug reported by Zero Day Initiative project (ZDI-CAN-21950, ZDI-CAN-21951, ZDI-CAN-21961).
0
Attacker Value
Unknown

CVE-2024-28002

Disclosure Date: March 28, 2024 (last updated March 28, 2024)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Archetyped Cornerstone allows Reflected XSS.This issue affects Cornerstone: from n/a through 0.8.0.
0
Attacker Value
Unknown

CVE-2024-28001

Disclosure Date: March 28, 2024 (last updated March 28, 2024)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Archetyped Favicon Rotator allows Reflected XSS.This issue affects Favicon Rotator: from n/a through 1.2.10.
0
Attacker Value
Unknown

CVE-2024-27999

Disclosure Date: March 28, 2024 (last updated March 28, 2024)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Digamber Pradhan Preview E-mails for WooCommerce allows Reflected XSS.This issue affects Preview E-mails for WooCommerce: from n/a through 2.2.1.
0
Attacker Value
Unknown

CVE-2024-25924

Disclosure Date: March 28, 2024 (last updated March 28, 2024)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Trustindex.Io WP Testimonials.This issue affects WP Testimonials: from n/a through 1.4.3.
0
Attacker Value
Unknown

CVE-2024-25923

Disclosure Date: March 28, 2024 (last updated March 28, 2024)
Insertion of Sensitive Information into Log File vulnerability in PeepSo Community by PeepSo.This issue affects Community by PeepSo: from n/a through 6.2.7.0.
0
Attacker Value
Unknown

CVE-2024-25599

Disclosure Date: March 28, 2024 (last updated March 28, 2024)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Castos Seriously Simple Podcasting allows Reflected XSS.This issue affects Seriously Simple Podcasting: from n/a through 3.0.2.
0
Attacker Value
Unknown

CVE-2024-22138

Disclosure Date: March 28, 2024 (last updated March 28, 2024)
Insertion of Sensitive Information into Log File vulnerability in Seraphinite Solutions Seraphinite Accelerator.This issue affects Seraphinite Accelerator: from n/a through 2.20.47.
0
Attacker Value
Unknown

CVE-2023-52234

Disclosure Date: March 28, 2024 (last updated March 28, 2024)
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Booster Booster Elite for WooCommerce.This issue affects Booster Elite for WooCommerce: from n/a before 7.1.2.
0