Total
5190 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-54354 | 2024-12-16 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Beat Kueffer Termin-Kalender allows Stored XSS.This issue affects Termin-Kalender: from n/a through 0.99.47. | |||||
| CVE-2024-28230 | 1 Jetbrains | 1 Youtrack | 2024-12-16 | N/A | 6.5 MEDIUM |
| In JetBrains YouTrack before 2024.1.25893 attaching/detaching workflow to a project was possible without project admin permissions | |||||
| CVE-2023-40105 | 1 Google | 1 Android | 2024-12-13 | N/A | 5.5 MEDIUM |
| In backupAgentCreated of ActivityManagerService.java, there is a possible way to leak sensitive data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-40113 | 1 Google | 1 Android | 2024-12-13 | N/A | 5.5 MEDIUM |
| In multiple locations, there is a possible way for apps to access cross-user message data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-5318 | 1 Gitlab | 1 Gitlab | 2024-12-13 | N/A | 4.0 MEDIUM |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.11 prior to 16.10.6, starting from 16.11 prior to 16.11.3, and starting from 17.0 prior to 17.0.1. A Guest user can view dependency lists of private projects through job artifacts. | |||||
| CVE-2024-54326 | 2024-12-13 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Eyal Fitoussi GEO my WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GEO my WordPress: from n/a through 4.5.0.4. | |||||
| CVE-2024-54323 | 2024-12-13 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in WPExpertsio New User Approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n/a through 2.6.2. | |||||
| CVE-2024-54311 | 2024-12-13 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in i.lychkov Mark New Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mark New Posts: from n/a through 7.5.1. | |||||
| CVE-2024-54310 | 2024-12-13 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Aslam Khan Gouran Gou Manage My Account Menu allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Gou Manage My Account Menu: from n/a through 1.0.1.8. | |||||
| CVE-2024-54298 | 2024-12-13 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Bill Minozzi Car Dealer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Car Dealer: from n/a through 4.46. | |||||
| CVE-2024-54289 | 2024-12-13 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Awesome Support Team Awesome Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through 6.3.0. | |||||
| CVE-2024-54278 | 2024-12-13 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in Plugin Devs News Ticker for Elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects News Ticker for Elementor: from n/a through 2.1.3. | |||||
| CVE-2024-54271 | 2024-12-13 | N/A | 5.4 MEDIUM | ||
| Missing Authorization vulnerability in WPTaskForce WPCargo Track & Trace allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCargo Track & Trace: from n/a through 7.0.6. | |||||
| CVE-2024-54267 | 2024-12-13 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in CreativeMindsSolutions CM Answers allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CM Answers: from n/a through 3.2.6. | |||||
| CVE-2024-54256 | 2024-12-13 | N/A | 7.1 HIGH | ||
| Missing Authorization vulnerability in Seerox Easy Blocks pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Easy Blocks pro: from n/a through 1.0.21. | |||||
| CVE-2024-54242 | 2024-12-13 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Appsbd Simple Notification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Notification: from n/a through 1.3. | |||||
| CVE-2024-54241 | 2024-12-13 | N/A | 6.5 MEDIUM | ||
| Missing Authorization vulnerability in Appsbd Elite Notification – Sales Popup, Social Proof, FOMO & WooCommerce Notification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elite Notification – Sales Popup, Social Proof, FOMO & WooCommerce Notification: from 1.5 through n/a. | |||||
| CVE-2024-54239 | 2024-12-13 | N/A | 9.8 CRITICAL | ||
| Missing Authorization vulnerability in dugudlabs Eyewear prescription form allows Privilege Escalation.This issue affects Eyewear prescription form: from n/a through 4.0.18. | |||||
| CVE-2023-44149 | 2024-12-13 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in BeRocket Brands for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brands for WooCommerce: from n/a through 3.8.2.2. | |||||
| CVE-2023-44147 | 2024-12-13 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Apasionados Comment Blacklist Updater allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Comment Blacklist Updater: from n/a through 1.1.0. | |||||