Total
3177 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-28216 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| nGrinder before 3.5.9 allows an attacker to obtain the results of webhook requests due to lack of access control, which could be the cause of information disclosure and limited Server-Side Request Forgery. | |||||
| CVE-2024-28215 | 2024-11-21 | N/A | 7.5 HIGH | ||
| nGrinder before 3.5.9 allows an attacker to create or update webhook configuration due to lack of access control, which could be the cause of information disclosure and limited Server-Side Request Forgery. | |||||
| CVE-2024-28167 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| SAP Group Reporting Data Collection does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, specific data can be changed via the Enter Package Data app although the user does not have sufficient authorization causing high impact on Integrity of the appliction. | |||||
| CVE-2024-28159 | 2024-11-21 | N/A | 4.3 MEDIUM | ||
| A missing permission check in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers with Item/Read permission to trigger a build. | |||||
| CVE-2024-28004 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in ExtendThemes Colibri Page Builder.This issue affects Colibri Page Builder: from n/a through 1.0.248. | |||||
| CVE-2024-28003 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Megamenu Max Mega Menu.This issue affects Max Mega Menu: from n/a through 3.3. | |||||
| CVE-2024-27970 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in BogdanFix WP SendFox.This issue affects WP SendFox: from n/a through 1.3.0. | |||||
| CVE-2024-27953 | 2024-11-21 | N/A | 4.7 MEDIUM | ||
| Missing Authorization vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.6.8. | |||||
| CVE-2024-27950 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in sirv.Com Image Optimizer, Resizer and CDN – Sirv.This issue affects Image Optimizer, Resizer and CDN – Sirv: from n/a through 7.2.0. | |||||
| CVE-2024-27939 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow the upload of arbitrary files of any unauthenticated user. An attacker could leverage this vulnerability and achieve arbitrary code execution with system privileges. | |||||
| CVE-2024-27911 | 2024-11-21 | N/A | 7.5 HIGH | ||
| A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to obtain the administrator password. | |||||
| CVE-2024-27910 | 2024-11-21 | N/A | 5.3 MEDIUM | ||
| A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to reboot the printer without authentication. | |||||
| CVE-2024-27900 | 2024-11-21 | N/A | 4.3 MEDIUM | ||
| Due to missing authorization check, attacker with business user account in SAP ABAP Platform - version 758, 795, can change the privacy setting of job templates from shared to private. As a result, the selected template would only be accessible to the owner. | |||||
| CVE-2024-27190 | 2024-11-21 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Jean-David Daviet Download Media.This issue affects Download Media: from n/a through 1.4.2. | |||||
| CVE-2024-25935 | 2024-11-21 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Metagauss RegistrationMagic.This issue affects RegistrationMagic: from n/a through 5.2.5.9. | |||||
| CVE-2024-25929 | 1 Multivendorx | 1 Product Catalog Mode For Woocommerce | 2024-11-21 | N/A | 6.5 MEDIUM |
| Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX.This issue affects Product Catalog Enquiry for WooCommerce by MultiVendorX: from n/a through 5.0.5. | |||||
| CVE-2024-25922 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in Peach Payments Peach Payments Gateway.This issue affects Peach Payments Gateway: from n/a through 3.1.9. | |||||
| CVE-2024-25912 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| Missing Authorization vulnerability in Skymoonlabs MoveTo.This issue affects MoveTo: from n/a through 6.2. | |||||
| CVE-2024-25911 | 2024-11-21 | N/A | 8.6 HIGH | ||
| Missing Authorization vulnerability in Skymoon Labs MoveTo.This issue affects MoveTo: from n/a through 6.2. | |||||
| CVE-2024-25908 | 2024-11-21 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in JoomUnited WP Media folder.This issue affects WP Media folder: from n/a through 5.7.2. | |||||