Total
7977 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-38716 | 2024-11-21 | 6.5 Medium | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Blue Plugins Events Calendar for Google allows PHP Local File Inclusion.This issue affects Events Calendar for Google: from n/a through 2.1.0. | ||||
| CVE-2024-38704 | 2024-11-21 | 6.5 Medium | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in DynamicWebLab WordPress Team Manager allows PHP Local File Inclusion.This issue affects WordPress Team Manager: from n/a through 2.1.12. | ||||
| CVE-2024-38449 | 2024-11-21 | 7.7 High | ||
| A Directory Traversal vulnerability in KasmVNC 1.3.1.230e50f7b89663316c70de7b0e3db6f6b9340489 and possibly earlier versions allows remote authenticated attackers to browse parent directories and read the content of files outside the scope of the application. | ||||
| CVE-2024-38358 | 2024-11-21 | 2.9 Low | ||
| Wasmer is a web assembly (wasm) Runtime supporting WASIX, WASI and Emscripten. If the preopened directory has a symlink pointing outside, WASI programs can traverse the symlink and access host filesystem if the caller sets both `oflags::creat` and `rights::fd_write`. Programs can also crash the runtime by creating a symlink pointing outside with `path_symlink` and `path_open`ing the link. This issue has been addressed in commit `b9483d022` which has been included in release version 4.3.2. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2024-37928 | 2024-11-21 | 8.6 High | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NooTheme Jobmonster allows File Manipulation.This issue affects Jobmonster: from n/a through 4.7.0. | ||||
| CVE-2024-37902 | 2024-11-21 | 10 Critical | ||
| DeepJavaLibrary(DJL) is an Engine-Agnostic Deep Learning Framework in Java. DJL versions 0.1.0 through 0.27.0 do not prevent absolute path archived artifacts from inserting archived files directly into the system, overwriting system files. This is fixed in DJL 0.28.0 and patched in DJL Large Model Inference containers version 0.27.0. Users are advised to upgrade. | ||||
| CVE-2024-37825 | 2024-11-21 | 5.4 Medium | ||
| An issue in EnvisionWare Computer Access & Reservation Control SelfCheck v1.0 (fixed in OneStop 3.2.0.27184 Hotfix May 2024) allows unauthenticated attackers on the same network to perform a directory traversal. | ||||
| CVE-2024-37520 | 1 Radiustheme | 1 Shopbuilder | 2024-11-21 | 6.5 Medium |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RadiusTheme ShopBuilder – Elementor WooCommerce Builder Addons allows Path Traversal.This issue affects ShopBuilder – Elementor WooCommerce Builder Addons: from n/a through 2.1.12. | ||||
| CVE-2024-37513 | 1 Themewinter | 1 Wpcafe | 2024-11-21 | 8.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themewinter WPCafe allows Path Traversal.This issue affects WPCafe: from n/a through 2.2.27. | ||||
| CVE-2024-37501 | 2024-11-21 | 8.5 High | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in PluginsWare Advanced Classifieds & Directory Pro allows Path Traversal.This issue affects Advanced Classifieds & Directory Pro: from n/a through 3.1.3. | ||||
| CVE-2024-37462 | 1 G5plus | 1 Ultimate Bootstrap Elements For Elementor | 2024-11-21 | 8.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in G5Theme Ultimate Bootstrap Elements for Elementor allows Path Traversal.This issue affects Ultimate Bootstrap Elements for Elementor: from n/a through 1.4.2. | ||||
| CVE-2024-37454 | 1 Awsm | 1 Awsm Team | 2024-11-21 | 6.5 Medium |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AWSM Innovations AWSM Team allows Path Traversal.This issue affects AWSM Team: from n/a through 1.3.1. | ||||
| CVE-2024-37437 | 1 Elementor | 1 Website Builder | 2024-11-21 | 5.5 Medium |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Elementor Elementor Website Builder allows Cross-Site Scripting (XSS), Stored XSS.This issue affects Elementor Website Builder: from n/a through 3.22.1. | ||||
| CVE-2024-37419 | 1 Codeless | 1 Cowidgets | 2024-11-21 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Codeless Cowidgets – Elementor Addons allows Path Traversal.This issue affects Cowidgets – Elementor Addons: from n/a through 1.1.1. | ||||
| CVE-2024-37268 | 1 Kaptinlin | 1 Striking | 2024-11-21 | 8.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in kaptinlin Striking allows Path Traversal.This issue affects Striking: from n/a through 2.3.4. | ||||
| CVE-2024-37266 | 1 Themeum | 1 Tutor Lms | 2024-11-21 | 4.9 Medium |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themeum Tutor LMS allows Path Traversal.This issue affects Tutor LMS: from n/a through 2.7.1. | ||||
| CVE-2024-37224 | 1 Smartypantsplugins | 1 Sp Project \& Document Manager | 2024-11-21 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager: from n/a through 4.71. | ||||
| CVE-2024-37169 | 2024-11-21 | 5.3 Medium | ||
| @jmondi/url-to-png is a self-hosted URL to PNG utility. Versions prior to 2.0.3 are vulnerable to arbitrary file read if a threat actor uses the Playright's screenshot feature to exploit the file wrapper. Version 2.0.3 mitigates this issue by requiring input URLs to be of protocol `http` or `https`. No known workarounds are available aside from upgrading. | ||||
| CVE-2024-37092 | 1 Stylemixthemes | 1 Consulting Elementor Widgets | 2024-11-21 | 8.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes Consulting Elementor Widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0. | ||||
| CVE-2024-37089 | 1 Stylemixthemes | 1 Consulting Elementor Widgets | 2024-11-21 | 9 Critical |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes Consulting Elementor Widgets allows PHP Local File Inclusion.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0. | ||||