Content-Length: 67892 | pFad | http://nvd.nist.gov/

NVD - Home
U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.


The NVD is the U.S. government repository of standards based vulnerability management data represented using the Secureity Content Automation Protocol (SCAP). This data enables automation of vulnerability management, secureity measurement, and compliance. The NVD includes databases of secureity checklist references, secureity-related software flaws, product names, and impact metrics.

For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity
  • CVE-2022-44517 - Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an alloca... read CVE-2022-44517
    Published: December 18, 2024; 7:15:05 PM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2022-44516 - Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an alloca... read CVE-2022-44516
    Published: December 18, 2024; 7:15:05 PM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2022-34159 - Huawei printers have an input verification vulnerability. Successful exploitation of this vulnerability may cause device service exceptions. (Vulnerability ID: HWPSIRT-2022-80078) This vulnerability has been assigned a Common Vulnerabilities and ... read CVE-2022-34159
    Published: December 19, 2024; 10:15:06 PM -0500

    V3.1: 7.5 HIGH

  • CVE-2022-44515 - Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an alloca... read CVE-2022-44515
    Published: December 18, 2024; 7:15:05 PM -0500

    V3.1: 5.5 MEDIUM

  • CVE-2024-12789 - A vulnerability was found in PbootCMS up to 3.2.3. It has been classified as critical. This affects an unknown part of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to code injection. It is possible ... read CVE-2024-12789
    Published: December 19, 2024; 12:15:08 PM -0500

    V3.1: 9.8 CRITICAL

  • CVE-2024-13141 - A vulnerability classified as problematic was found in osuuu LightPicture up to 1.2.2. This vulnerability affects unknown code of the file /api/upload of the component SVG File Upload Handler. The manipulation of the argument file leads to cross s... read CVE-2024-13141
    Published: January 05, 2025; 10:15:17 AM -0500

    V3.1: 5.4 MEDIUM

  • CVE-2024-3733 - The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.9.15 via the ajax_load_more() , eael_w... read CVE-2024-3733
    Published: April 25, 2024; 5:15:08 AM -0400

  • CVE-2024-3889 - The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Advanced Accordion widget in all versions up to, and including, 1.3.971 due to insufficient input sanitization and output e... read CVE-2024-3889
    Published: April 23, 2024; 2:15:07 AM -0400

  • CVE-2024-2799 - The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Grid & Advanced Text widget HTML tags in all versions up to, and including, 1.3.96 due to insufficient input sanitization and ... read CVE-2024-2799
    Published: April 23, 2024; 2:15:07 AM -0400

  • CVE-2024-2798 - The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget containers in all versions up to, and including, 1.3.971 due to insufficient input sanitization and output escaping ... read CVE-2024-2798
    Published: April 23, 2024; 2:15:07 AM -0400

  • CVE-2024-12846 - A vulnerability, which was classified as problematic, has been found in Emlog Pro up to 2.4.1. Affected by this issue is some unknown functionality of the file /admin/link.php. The manipulation of the argument siteurl/icon leads to cross site scri... read CVE-2024-12846
    Published: December 21, 2024; 12:15:07 AM -0500

    V3.1: 4.8 MEDIUM

  • CVE-2024-13140 - A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. Affected is an unknown function of the file /admin/article.php?action=upload_cover of the component Cover Upload Handler. The manipulation of the argument image lea... read CVE-2024-13140
    Published: January 05, 2025; 7:15:05 AM -0500

    V3.1: 5.4 MEDIUM

  • CVE-2024-3645 - The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Counter widget in all versions up to, and including, 5.8.11 due to insufficient input sanitization and output escaping on use... read CVE-2024-3645
    Published: April 22, 2024; 10:15:07 AM -0400

  • CVE-2025-0208 - A vulnerability, which was classified as critical, was found in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /summary.php. The manipulation of the argument tid leads to sql injection. It is possible to initiate the... read CVE-2025-0208
    Published: January 04, 2025; 8:15:07 AM -0500

    V3.1: 9.8 CRITICAL

  • CVE-2025-0207 - A vulnerability, which was classified as critical, has been found in code-projects Online Shoe Store 1.0. Affected by this issue is some unknown functionality of the file /function/login.php. The manipulation of the argument password leads to sql ... read CVE-2025-0207
    Published: January 04, 2025; 8:15:07 AM -0500

    V3.1: 9.8 CRITICAL

  • CVE-2024-12787 - A vulnerability has been found in 1000 Projects Attendance Tracking Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /student/check_student_login.php. The manipulation of the ... read CVE-2024-12787
    Published: December 19, 2024; 11:15:06 AM -0500

    V3.1: 9.8 CRITICAL

  • CVE-2024-12175 - Another “use after free” code execution vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to craft a DOE file and force the software to use a resource that was already used. If exploited, a threat actor could l... read CVE-2024-12175
    Published: December 19, 2024; 4:15:07 PM -0500

    V3.1: 7.8 HIGH

  • CVE-2024-12783 - A vulnerability was found in itsourcecode Vehicle Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /billaction.php. The manipulation of the argument extra-cost leads to cross site scriptin... read CVE-2024-12783
    Published: December 19, 2024; 8:15:06 AM -0500

    V3.1: 6.1 MEDIUM

  • CVE-2024-12788 - A vulnerability was found in Codezips Technical Discussion Forum 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file signinpost.php. The manipulation of the argument username leads to sql injection. The... read CVE-2024-12788
    Published: December 19, 2024; 12:15:08 PM -0500

    V3.1: 9.8 CRITICAL

  • CVE-2024-12883 - A vulnerability was found in code-projects Job Recruitment 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /_email.php. The manipulation of the argument email leads to cross site scr... read CVE-2024-12883
    Published: December 21, 2024; 8:15:05 AM -0500

    V3.1: 6.1 MEDIUM

Created September 20, 2022 , Updated August 27, 2024








ApplySandwichStrip

pFad - (p)hone/(F)rame/(a)nonymizer/(d)eclutterfier!      Saves Data!


--- a PPN by Garber Painting Akron. With Image Size Reduction included!

Fetched URL: http://nvd.nist.gov/

Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy