Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-02 CVE-2024-40723 Out-of-bounds Write vulnerability in Changingtec Hwatai Servisign
The specific API in HWATAIServiSign Windows Version from CHANGING Information Technology does not properly validate the length of server-side inputs.
network
low complexity
changingtec CWE-787
4.3
2024-08-02 CVE-2024-6704 The Comments – wpDiscuz plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 7.6.21.
network
low complexity
5.3
2024-08-02 CVE-2024-7204 Cross-site Scripting vulnerability in AI3 Qbibot 8.0.9
Ai3 QbiBot does not properly filter user input, allowing unauthenticated remote attackers to insert JavaScript code into the chat box.
network
low complexity
ai3 CWE-79
6.1
2024-08-02 CVE-2024-7323 Path Traversal vulnerability in Digiwin Easyflow .Net
Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality does not adequately filter user input.
network
low complexity
digiwin CWE-22
6.5
2024-08-02 CVE-2024-27182 Files or Directories Accessible to External Parties vulnerability in Apache Linkis 1.4.0/1.5.0
In Apache Linkis <= 1.5.0, Arbitrary file deletion in Basic management services on A user with an administrator account could delete any file accessible by the Linkis system user. Users are recommended to upgrade to version 1.6.0, which fixes this issue.
network
low complexity
apache CWE-552
4.9
2024-08-02 CVE-2024-40719 Inadequate Encryption Strength vulnerability in Changingtec TCB Servisign
The encryption strength of the authorization keys in CHANGING Information Technology TCBServiSign Windows Version is insufficient.
network
low complexity
changingtec CWE-326
6.5
2024-08-02 CVE-2024-4643 The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘end_redirect_link’ parameter in versions up to, and including, 5.7.1 due to insufficient input sanitization and output escaping.
network
low complexity
6.4
2024-08-02 CVE-2024-39396 InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
local
low complexity
CWE-125
5.5
2024-08-02 CVE-2024-3827 The Spectra Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via block ids in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
6.4
2024-08-02 CVE-2024-6567 The Ebook Store plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 5.8001.
network
low complexity
5.3