Currently trending CVE - Hype Score: 1 - A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue ...
Currently trending CVE - Hype Score: 30 - Vite, a provider of frontend development tooling, has a vulnerability in versions prior to 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10. `@fs` denies access to files outside of Vite serving allow list. Adding `?raw??` or `?import&raw??` to the URL bypasses this limitation and ...
Currently trending CVE - Hype Score: 1 - An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1. Maliciously crafted web content may be able to break out of Web Content ...
Experts warn of a critical vulnerability impacting Apache Parquet’s Java Library that could allow remote code execution. Apache Parquet’s Java Library is a software library for reading and writing Parquet files in the Java programming language. Parquet is a columnar storage file format that is optimized for use with large-scale data processing frameworks, such as […]
A vulnerability, which was classified as problematic, was found in Mozilla Firefox 2.0. Affected is an unknown function. The manipulation leads to denial of service.
This vulnerability is traded as CVE-2006-2723. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
A vulnerability, which was classified as problematic, was found in QuantumCloud Infographic Maker Plugin up to 4.6.6 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2024-32696. It is possible to initiate the attack remotely. There is no exploit available.
A vulnerability has been found in ValvePress Automatic Plugin up to 3.92.x on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery.
This vulnerability was named CVE-2024-32693. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability, which was classified as problematic, has been found in Holded Application up to 4.19.x. Affected by this issue is some unknown functionality of the component General/Team ID. The manipulation leads to cross site scripting.
This vulnerability is handled as CVE-2024-4026. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
A vulnerability was found in PHPFox 4.8.9. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Status Box. The manipulation leads to cross site scripting.
This vulnerability is known as CVE-2022-34562. The attack can be launched remotely. There is no exploit available.
A vulnerability was found in PHPFox 4.8.9. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument video description leads to cross site scripting.
This vulnerability is handled as CVE-2022-34561. The attack may be launched remotely. There is no exploit available.