Total
250623 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-31351 | 2024-05-17 | N/A | 10.0 CRITICAL | ||
Unrestricted Upload of File with Dangerous Type vulnerability in Copymatic Copymatic – AI Content Writer & Generator.This issue affects Copymatic – AI Content Writer & Generator: from n/a through 1.6. | |||||
CVE-2023-47165 | 2024-05-17 | N/A | 6.0 MEDIUM | ||
Improper conditions check in the Intel(R) Data Center GPU Max Series 1100 and 1550 products may allow an privileged user to potentially enable denial of service via local access. | |||||
CVE-2024-33552 | 2024-05-17 | N/A | 9.8 CRITICAL | ||
Improper Privilege Management vulnerability in 8theme XStore Core allows Privilege Escalation.This issue affects XStore Core: from n/a through 5.3.8. | |||||
CVE-2023-47855 | 2024-05-17 | N/A | 6.0 MEDIUM | ||
Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2023-38581 | 2024-05-17 | N/A | 8.8 HIGH | ||
Buffer overflow in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
CVE-2023-47210 | 2024-05-17 | N/A | 4.7 MEDIUM | ||
Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
CVE-2024-2697 | 2024-05-17 | N/A | N/A | ||
The socialdriver-framework WordPress plugin before 2024.0.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. | |||||
CVE-2024-30479 | 2024-05-17 | N/A | 5.3 MEDIUM | ||
Authentication Bypass by Spoofing vulnerability in LionScripts IP Blocker Lite allows Functionality Bypass.This issue affects IP Blocker Lite: from n/a through 11.1.1. | |||||
CVE-2024-3134 | 2024-05-17 | N/A | 6.4 MEDIUM | ||
The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the title_html_tag attribute in all versions up to, and including, 2.0.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | |||||
CVE-2023-38654 | 2024-05-17 | N/A | 8.2 HIGH | ||
Improper input validation for some some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
CVE-2024-31290 | 2024-05-17 | N/A | 9.8 CRITICAL | ||
Improper Privilege Management vulnerability in CodeRevolution Demo My WordPress allows Privilege Escalation.This issue affects Demo My WordPress: from n/a through 1.0.9.1. | |||||
CVE-2024-34567 | 2024-05-17 | N/A | 5.9 MEDIUM | ||
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in GhozyLab, Inc. Popup Builder allows Stored XSS.This issue affects Popup Builder: from n/a through 1.1.29. | |||||
CVE-2023-26526 | 2024-05-17 | N/A | 7.7 HIGH | ||
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Nota-Info Bookly allows Path Traversal, Manipulating Web Input to File System Calls.This issue affects Bookly: from n/a through 21.7.1. | |||||
CVE-2023-46145 | 2024-05-17 | N/A | 8.8 HIGH | ||
Improper Privilege Management vulnerability in Themify Themify Ultra allows Privilege Escalation.This issue affects Themify Ultra: from n/a through 7.3.5. | |||||
CVE-2023-37385 | 2024-05-17 | N/A | 7.3 HIGH | ||
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes Consulting allows PHP Local File Inclusion.This issue affects Consulting: from n/a through 6.5.6. | |||||
CVE-2023-47859 | 2024-05-17 | N/A | 5.5 MEDIUM | ||
Improper access control for some Intel(R) Wireless Bluetooth products for Windows before version 23.20 may allow an authenticated user to potentially enable denial of service via local access. | |||||
CVE-2023-43745 | 2024-05-17 | N/A | 2.8 LOW | ||
Improper input validation in some Intel(R) CBI software before version 1.1.0 may allow an authenticated user to potentially enable denial of service via local access. | |||||
CVE-2023-41956 | 2024-05-17 | N/A | 8.8 HIGH | ||
Improper Authentication vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through 4.3.4. | |||||
CVE-2024-24981 | 2024-05-17 | N/A | 7.5 HIGH | ||
Improper input validation in PfrSmiUpdateFw driver in UEFI firmware for some Intel(R) Server M50FCP Family products may allow a privileged user to enable escalation of privilege via local access. | |||||
CVE-2023-45221 | 2024-05-17 | N/A | 4.8 MEDIUM | ||
Improper buffer restrictions in Intel(R) Media SDK all versions may allow an authenticated user to potentially enable escalation of privilege via local access. |