Medium
CVSS: 6.1
Yayın: 2025-01-06 06:15:06
The Pods WordPress plugin before 3.2.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (f…
Medium
CVSS: 6.1
Yayın: 2025-01-06 06:15:06
The tourmaster WordPress plugin before 5.3.4 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to perform Cross-Site Scripting attacks.
High
CVSS: 8.8
Yayın: 2025-01-06 04:15:07
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User…
High
CVSS: 7.5
Yayın: 2025-01-06 04:15:07
In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID:…
Medium
CVSS: 4.4
Yayın: 2025-01-06 04:15:07
In wlan STA driver, there is a possible reachable assertion due to improper exception handling. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation…
Medium
CVSS: 6.7
Yayın: 2025-01-06 04:15:07
In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patc…
High
CVSS: 7.5
Yayın: 2025-01-06 04:15:07
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01412526; Issue ID: MSV-2018.
High
CVSS: 7.5
Yayın: 2025-01-06 04:15:07
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01231341 / MOLY012…
Critical
CVSS: 9.8
Yayın: 2025-01-06 04:15:07
In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Pa…
High
CVSS: 8.1
Yayın: 2025-01-06 04:15:06
In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation…
Medium
CVSS: 6.6
Yayın: 2025-01-06 04:15:06
In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is n…
Medium
CVSS: 6.6
Yayın: 2025-01-06 04:15:06
In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is n…
Medium
CVSS: 6.6
Yayın: 2025-01-06 04:15:06
In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is n…
Medium
CVSS: 6.7
Yayın: 2025-01-06 04:15:06
In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch I…
Medium
CVSS: 6.7
Yayın: 2025-01-06 04:15:06
In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID:…
Medium
CVSS: 5.3
Yayın: 2025-01-06 01:15:06
A vulnerability classified as critical was found in zhenfeng13 My-Blog 1.0. Affected by this vulnerability is the function upload of the file src/main/java/com/site/blog/my/core/controller/admin/uploadController. java. The manipulation of the argumen…
Medium
CVSS: 5.3
Yayın: 2025-01-06 00:15:05
A vulnerability classified as critical has been found in zhenfeng13 My-Blog 1.0. Affected is the function uploadFileByEditomd of the file src/main/java/com/site/blog/my/core/controller/admin/BlogController.java. The manipulation of the argument edito…
Medium
CVSS: 5.1
Yayın: 2025-01-06 00:15:05
A vulnerability was found in ZeroWdd studentmanager 1.0. It has been rated as problematic. This issue affects the function submitAddPermission of the file src/main/java/com/zero/system/controller/PermissionController. java. The manipulation of the ar…
Medium
CVSS: 6.9
Yayın: 2025-01-05 23:15:07
A vulnerability was found in Codezips Project Management System 1.0. It has been classified as critical. This affects an unknown part of the file /pages/forms/course.php. The manipulation of the argument course_name leads to sql injection. It is poss…
Medium
CVSS: 5.1
Yayın: 2025-01-05 23:15:06
A vulnerability was found in ZeroWdd studentmanager 1.0. It has been declared as problematic. This vulnerability affects the function submitAddRole of the file src/main/java/com/zero/system/controller/RoleController. java. The manipulation of the arg…