VIR Vulnerability Intelligence Relay

CVEs from 2024

6,620 normalized CVEs published or assigned in this year.

Total
6,620
critical
critical 168
high
high 1,065
medium
medium 2,078
low
low 49
% Critical
2.5%
% with KEV
2.5%
% with exploit
3.4%

Top vendors

Top products

  • surveillance_station 12
  • checkmk 10
  • profilegrid 8
  • office 8
  • office_long_term_servicing_channel 6
  • propertyhive 5
  • glibc 5
  • element_pack 5

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2024-31287 medium 6.5 6.5 2y ago Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Max Foundry Media Library Folders.This issue affects Media Library Folders: from n/a through 8.1.8.
CVE-2024-31278 medium 6.5 6.5 2y ago Insertion of Sensitive Information Into Sent Data vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor.This issue affects Premium Addons for Elementor: from n/a through <…
CVE-2024-31368 medium 6.5 6.5 2y ago Missing Authorization vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2.
CVE-2024-31357 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BdThemes Ultimate Store Kit Elementor Addons allows Stored XSS.This issue affects Ultimate Store …
CVE-2024-31348 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Testimonials allows Stored XSS.This issue affects Testimonials: from n/a through 3.0.…
CVE-2024-31346 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blocksmarket Gradient Text Widget for Elementor allows Stored XSS.This issue affects Gradient Tex…
CVE-2024-31258 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Micro.Company Form to Chat App allows Stored XSS.This issue affects Form to Chat App: from n/a th…
CVE-2024-31257 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Formsite Formsite | Embed online forms to collect orders, registrations, leads, and surveys allow…
CVE-2024-24888 medium 6.5 6.5 2y ago Server-Side Request Forgery (SSRF) vulnerability in StellarWP Gutenberg Blocks by Kadence Blocks kadence-blocks.This issue affects Gutenberg Blocks by Kadence Blocks: from n/a through <= 3.2.25.
CVE-2024-31104 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GetResponse GetResponse for WordPress allows Stored XSS.This issue affects GetResponse for WordPr…
CVE-2024-31101 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in August Infotech AI Twitter Feeds (Twitter widget & shortcode) allows Stored XSS.This issue affect…
CVE-2024-30559 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maurice Spin 360 deg and 3D Model Viewer allows Stored XSS.This issue affects Spin 360 deg and 3D…
CVE-2024-30557 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aesopinteractive Aesop Story Engine allows Stored XSS.This issue affects Aesop Story Engine: from…
CVE-2024-30556 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MightyThemes Mighty Classic Pros And Cons allows Stored XSS.This issue affects Mighty Classic Pro…
CVE-2024-30555 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sayan Datta Ultimate Social Comments – Email Notification & Lazy Load allows Stored XSS.This issu…
CVE-2024-30552 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wppdf.Org Responsive flipbook allows Stored XSS.This issue affects Responsive flipbook: from n/a …
CVE-2024-31117 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Moises Heberle WooCommerce Bookings Calendar.This issue affects WooCommerce Bookings Calendar: fr…
CVE-2024-30543 medium 6.5 6.5 2y ago Authorization Bypass Through User-Controlled Key vulnerability in UPQODE Whizz.This issue affects Whizzy: from n/a through 1.1.18.
CVE-2024-30443 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins GS Testimonial Slider allows Stored XSS.This issue affects GS Testimonial Slider: from…
CVE-2024-30438 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Print Page block allows Stored XSS.This issue affects Print Page block: from n/a through…
CVE-2024-30437 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPPOOL Webinar and Video Conference with Jitsi Meet allows Stored XSS.This issue affects Webinar …
CVE-2024-30436 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Collect.Chat Inc. Collectchat allows Stored XSS.This issue affects Collectchat: from n/a through …
CVE-2024-30433 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MultiVendorX WC Marketplace allows Stored XSS.This issue affects WC Marketplace: from n/a through…
CVE-2024-30432 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins B Slider - Slider for your block editor allows Stored XSS.This issue affects B Slider - …
CVE-2024-30451 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in INFINITUM FORM Geo Controller allows Stored XSS.This issue affects Geo Controller: from n/a throu…
CVE-2024-30450 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Step-Byte-Service GmbH OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Com…
CVE-2024-30445 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab, Inc. Web Icons allows Stored XSS.This issue affects Web Icons: from n/a through 1.0.0.1…
CVE-2024-30513 medium 6.5 6.5 2y ago Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.2.
CVE-2024-29765 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alireza Sedghi Aparat for WordPress allows Stored XSS.This issue affects Aparat for WordPress: fr…
CVE-2024-29764 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Molongui allows Stored XSS.This issue affects Molongui: from n/a through 4.7.7.
CVE-2024-29762 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus (Slidebars) allows Stored XSS.This issue affects Off-Ca…
CVE-2024-29761 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Krunal Prajapati WP Post Disclaimer allows Stored XSS.This issue affects WP Post Disclaimer: from…
CVE-2024-29803 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mehanoid.Pro FlatPM allows Stored XSS.This issue affects FlatPM: from n/a before 3.1.05.
CVE-2024-29802 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Antoine Hurkmans Football Pool allows Stored XSS.This issue affects Football Pool: from n/a throu…
CVE-2024-29801 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Petri Damstén Fullscreen Galleria allows Stored XSS.This issue affects Fullscreen Galleria: from …
CVE-2024-29799 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Epsiloncool WP Fast Total Search allows Stored XSS.This issue affects WP Fast Total Search: from …
CVE-2024-29798 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Appsmav Gratisfaction allows Stored XSS.This issue affects Gratisfaction: from n/a through 4.3.4.
CVE-2024-29797 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Darko Grid Shortcodes allows Stored XSS.This issue affects Grid Shortcodes: from n/a through 1…
CVE-2024-29795 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Interfacelab Media Cloud for Amazon S3, Imgix, Google Cloud Storage, DigitalOcean Spaces and more…
CVE-2024-29789 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Walter Pinem OneClick Chat to Order allows Stored XSS.This issue affects OneClick Chat to Order: …
CVE-2024-29788 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Podlove Podlove Web Player allows Stored XSS.This issue affects Podlove Web Player: from n/a thro…
CVE-2024-29775 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vinoth06. Frontend Dashboard allows Stored XSS.This issue affects Frontend Dashboard: from n/a th…
CVE-2024-29772 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stormhill Media MyBookTable Bookstore allows Stored XSS.This issue affects MyBookTable Bookstore:…
CVE-2024-29771 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftLab Dracula Dark Mode - The Revolutionary Dark Mode Plugin For WordPress allows Stored XSS.Th…
CVE-2024-29769 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Portfolio Gallery – Image Gallery Plugin allows Stored XSS.This issue affects Portfolio Gallery –…
CVE-2024-29766 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StreamWeasels StreamWeasels Twitch Integration allows Stored XSS.This issue affects StreamWeasels…
CVE-2024-30184 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Looking Forward Software Incorporated. Popup Builder allows Stored XSS.This issue affects Popup B…
CVE-2024-30183 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for WPBakery Page Builder allows Stored XSS.This issue affects Livemesh …
CVE-2024-30180 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Easy Social Feed allows Stored XSS.This issue affects Easy Social Feed: from n/a through 6.5.3.
CVE-2024-29817 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SERVIT Software Solutions affiliate-toolkit allows Stored XSS.This issue affects affiliate-toolki…
CVE-2024-29814 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CurrencyRate.Today Exchange Rates Widget allows Stored XSS.This issue affects Exchange Rates Widg…
CVE-2024-29936 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blocksera Image Hover Effects – Elementor Addon allows Stored XSS.This issue affects Image Hover …
CVE-2024-29934 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor allows Stored XSS.This issue affects Piotnet Addons For Elem…
CVE-2024-29933 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab, Inc. Web Icons allows Stored XSS.This issue affects Web Icons: from n/a through 1.0.0.1…
CVE-2024-29930 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CurrencyRate.Today Crypto Converter Widget allows Stored XSS.This issue affects Crypto Converter …
CVE-2024-29917 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Compact WP Audio Player allows Stored XSS.This issue affects Compact WP Audio Player: from n/a th…
CVE-2024-30192 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins GS Pins for Pinterest allows Stored XSS.This issue affects GS Pins for Pinterest: from…
CVE-2024-29914 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MotoPress Stratum allows Stored XSS.This issue affects Stratum: from n/a through 1.3.15.
CVE-2024-29912 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Baptiste Placé iCalendrier allows Stored XSS.This issue affects iCalendrier: from n/a through 1.8…
CVE-2024-29910 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alordiel Dropdown Multisite selector allows Stored XSS.This issue affects Dropdown Multisite sele…
CVE-2024-29909 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Camille Verrier Travelers' Map allows Stored XSS.This issue affects Travelers' Map: from n/a thro…
CVE-2024-29908 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kienso Co-marquage service-public.Fr allows Stored XSS.This issue affects Co-marquage service-pub…
CVE-2024-29820 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RedNao PDF Builder for WPForms allows Stored XSS.This issue affects PDF Builder for WPForms: from…
CVE-2024-30233 medium 6.5 6.5 2y ago Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wholesale Team WholesaleX.This issue affects WholesaleX: from n/a through 1.3.1.
CVE-2024-2906 medium 6.5 6.5 2y ago Missing Authorization vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73.
CVE-2024-22156 medium 6.5 6.5 2y ago Missing Authorization vulnerability in SNP Digital SalesKing.This issue affects SalesKing: from n/a through 1.6.15.
CVE-2024-24718 medium 6.5 6.5 2y ago Missing Authorization vulnerability in PropertyHive.This issue affects PropertyHive: from n/a through 2.0.6.
CVE-2024-24835 medium 6.5 6.5 2y ago Missing Authorization vulnerability in realmag777 BEAR.This issue affects BEAR: from n/a through 1.1.4.
CVE-2024-2769 medium 6.5 6.5 2y ago A vulnerability was detected in Campcodes Complete Online Beauty Parlor Management System 1.0. The affected element is an unknown function of the file /admin/admin-profile.php. The manipulation of th…
CVE-2024-2580 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FunnelKit Automation By Autonami allows Stored XSS.This issue affects Automation By Autonami: fro…
CVE-2024-29089 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Five Star Plugins Five Star Restaurant Menu allows Stored XSS.This issue affects Five Star Restau…
CVE-2024-29104 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zimma Ltd. Ticket Tailor allows Stored XSS.This issue affects Ticket Tailor: from n/a through 1.1…
CVE-2024-29098 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Calameo WP Calameo allows Stored XSS.This issue affects WP Calameo: from n/a through 2.1.7.
CVE-2024-29096 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt Manning MJM Clinic.This issue affects MJM Clinic: from n/a through 1.1.22.
CVE-2024-29122 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Foliovision: Making the web work for you FV Flowplayer Video Player allows Stored XSS.This issue …
CVE-2024-29118 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scrollsequence allows Stored XSS.This issue affects Scrollsequence: from n/a through 1.5.4.
CVE-2024-29111 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webvitaly Sitekit allows Stored XSS.This issue affects Sitekit: from n/a through 1.6.
CVE-2024-29143 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cozmoslabs, sareiodata Passwordless Login passwordless-login allows Stored XSS.This issue affects…
CVE-2024-23523 medium 6.5 6.5 2y ago Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Elementor Pro.This issue affects Elementor Pro: from n/a through 3.19.2.
CVE-2024-25936 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoundCloud Inc., Lawrie Malen SoundCloud Shortcode allows Stored XSS.This issue affects SoundClou…
CVE-2024-25919 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hiroaki Miyashita Custom Field Template allows Stored XSS.This issue affects Custom Field Templat…
CVE-2024-25916 medium 6.5 6.5 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joseph C Dolson My Calendar allows Stored XSS.This issue affects My Calendar: from n/a through 3.…
CVE-2024-1250 medium 6.5 6.5 2y ago An issue has been discovered in GitLab EE affecting all versions starting from 16.8 before 16.8.2. When a user is assigned a custom role with manage_group_access_tokens permission, they may be able t…
CVE-2024-1066 medium 6.5 6.5 2y ago An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using…
CVE-2024-22134 medium 6.5 6.5 2y ago Server-Side Request Forgery (SSRF) vulnerability in Renzo Johnson Contact Form 7 Extension For Mailchimp.This issue affects Contact Form 7 Extension For Mailchimp: from n/a through 0.5.70.
CVE-2024-12038 medium 6.4 6.4 1y ago The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin…
CVE-2024-12599 medium 6.4 6.4 1y ago The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 2.8.1 due to insu…
CVE-2024-32803 medium 6.4 6.4 2y ago Server-Side Request Forgery (SSRF) vulnerability in 2day.Sk, Webikon SuperFaktura WooCommerce.This issue affects SuperFaktura WooCommerce: from n/a through 1.40.3.
CVE-2024-26875 medium 6.4 6.4 2y ago In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix uaf in pvr2_context_set_notify [Syzbot reported] BUG: KASAN: slab-use-after-free in pvr2_context_set_notify+0…
CVE-2024-33722 medium 6.3 6.3 28d ago SOPlanning 1.52.00 is vulnerable to SQL Injection by an authenticated user via projets.php with statut[].
CVE-2024-13065 medium 6.3 6.3 9mo ago Improper Enforcement of Behavioral Workflow, Uncontrolled Resource Consumption vulnerability in Akinsoft MyRezzta allows Input Data Manipulation, CAPEC - 125 - Flooding. This issue affects MyRezzta:…
CVE-2024-12924 medium 6.3 6.3 9mo ago URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Akınsoft QR Menü allows Forceful Browsing, Phishing. This issue affects QR Menü: from s1.05.05 before v1.05.12.
CVE-2024-39811 medium 6.3 6.3 2y ago Improper input validation in firmware for some Intel(R) Server M20NTP Family UEFI may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2024-37929 medium 6.3 6.3 2y ago Missing Authorization vulnerability in solwin User Activity Log Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Activity Log Pro: from n/a through …
CVE-2024-43954 medium 6.3 6.3 2y ago Incorrect Authorization vulnerability in Themeum Droip allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Droip: from n/a through 1.1.1.
CVE-2024-33923 medium 6.3 6.3 2y ago Missing Authorization vulnerability in Smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager : from n/a through 4.69.
CVE-2024-31272 medium 6.3 6.3 2y ago Cross-Site Request Forgery (CSRF) vulnerability in Repute InfoSystems ARForms Form Builder.This issue affects ARForms Form Builder: from n/a through 1.6.1.
CVE-2024-29097 medium 6.3 6.3 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins User profile allows Stored XSS.This issue affects User profile: from n/a through 2.0.…
CVE-2024-48519 medium 6.2 6.2 23d ago Buffer Overflow vulnerability in Ardupilot rover commit v.c56439b045162058df0ff136afea3081fcd06d38 allows a local attacker to cause a denial of service via the AP_InertialSensor_ADIS1647x.cpp, ArduRo…
CVE-2024-51395 medium 6.2 6.2 23d ago Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP_SmartAudio::loop, AP_SmartAudio…