Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-10-01 CVE-2024-46261 Out-of-bounds Write vulnerability in Randygaul Cute PNG 1.05
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_make32() function at cute_png.h.
local
low complexity
randygaul CWE-787
7.8
2024-10-01 CVE-2024-46263 Out-of-bounds Write vulnerability in Randygaul Cute PNG 1.05
cute_png v1.05 was discovered to contain a stack overflow via the cp_dynamic() function at cute_png.h.
local
low complexity
randygaul CWE-787
7.8
2024-10-01 CVE-2024-46264 Out-of-bounds Write vulnerability in Randygaul Cute PNG 1.05
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_find() function at cute_png.h.
local
low complexity
randygaul CWE-787
7.8
2024-10-01 CVE-2024-46267 Out-of-bounds Write vulnerability in Randygaul Cute PNG 1.05
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_block() function at cute_png.h.
local
low complexity
randygaul CWE-787
7.8
2024-10-01 CVE-2024-46274 Out-of-bounds Write vulnerability in Randygaul Cute PNG 1.05
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_stored() function at cute_png.h.
local
low complexity
randygaul CWE-787
7.8
2024-10-01 CVE-2024-46276 Out-of-bounds Write vulnerability in Randygaul Cute PNG 1.05
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_chunk() function at cute_png.h.
local
low complexity
randygaul CWE-787
7.8
2024-10-01 CVE-2023-3441 Unspecified vulnerability in GitLab
An issue has been discovered in GitLab EE/CE affecting all versions starting from 8.0 before 16.4.
network
low complexity
gitlab
critical
9.1
2024-10-01 CVE-2024-9060 The AVIF & SVG Uploader plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in version 1.1.0 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.4
2024-10-01 CVE-2024-8288 The Guten Post Layout – An Advanced Post Grid Collection for WordPress Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ attribute within the 'wp:guten-post-layout/post-grid' Gutenberg block in all versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.4
2024-10-01 CVE-2024-8324 The XO Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘get_slider’ function in all versions up to, and including, 3.8.6 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.4