Prototype pollution vulnerability in '101' versions 1.0.0 through 1.6.3 allows an attacker to cause a denial of service and may lead to remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Prototype pollution vulnerability in 'deep-override' versions 1.0.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
The request_list_request AJAX call of the Car Seller - Auto Classifieds Script WordPress plugin through 2.1.0, available to both authenticated and unauthenticated users, does not sanitise, validate. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the 'uploadFontIcon' AJAX action. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the import_from_debug AJAX action to inject PHP objects. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login as User or Customer (User Switching) WordPress plugin before 1.8, to install any plugin (including. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login Protection - Limit Failed Login Attempts WordPress plugin before 2.9, to install any plugin. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Visitor Traffic Real Time Statistics WordPress plugin before 2.12, to install any plugin (including a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Tree Sitemap WordPress plugin before 2.9, to install any plugin (including a specific version) from the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Maintenance Mode & Site Under Construction WordPress plugin before 1.8.2, to install any plugin. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WooCommerce Conditional Marketing Mailer WordPress plugin before 1.5.2, to install any plugin (including. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Captchinoo, Google recaptcha for admin login page WordPress plugin before 2.4, to install any plugin. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Content Copy Protection & No Right Click WordPress plugin before 3.1.5, to install any plugin. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Express-handlebars is a Handlebars view engine for Express. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
TensorFlow is an end-to-end open source platform for machine learning. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.