Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dw. vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2021-24800
The DW Question & Answer Pro WordPress plugin up to and including 1.3.4 does not check that the comment to edit belongs to the user making the request, allowing any user to edit other comments.
Designwall Dw Question \\& Answer
NA
CVE-2010-1302
Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote malicious users to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
Decryptweb Com Dwgraphs 1.0
1 EDB exploit
6.1
CVSSv3
CVE-2019-19112
The wpForo plugin 1.6.5 for WordPress allows XSS involving the wpf-dw-td-value class of dashboard.php.
Gvectors Wpforo 1.6.5
4.8
CVSSv3
CVE-2018-19892
DomainMOD up to and including 4.11.01 has XSS via the admin/dw/add-server.php DisplayName, HostName, or UserName field.
Domainmod Domainmod
NA
CVE-2024-27408
In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the eDMA controller register. If the doorbell regi...
NA
CVE-2024-27409
In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory as the HDMA controller register. If the doorbell regi...
7.8
CVSSv3
CVE-2023-44122
The vulnerability is to theft of arbitrary files with system privilege in the LockScreenSettings ("com.lge.lockscreensettings") app in the "com/lge/lockscreensettings/dynamicwallpaper/MyCategoryGuideActivity.java" file. The main problem is that the app launche...
Google Android 12.0
Google Android 13.0
NA
CVE-2021-47165
In the Linux kernel, the following vulnerability has been resolved: drm/meson: fix shutdown crash when component not probed When main component is not probed, by example when the dw-hdmi module is not loaded yet or in probe defer, the following crash appears on shutdown: Unable t...
NA
CVE-2004-2509
Cross-site scripting (XSS) vulnerabilities in (1) calendar.php, (2) login.php, and (3) online.php in Infopop UBB.Threads 6.2.3 and 6.5 allow remote malicious users to inject arbitrary web script or HTML via the Cat parameter.
Ubbcentral Ubb.threads 6.2.3
Ubbcentral Ubb.threads 6.5
3 EDB exploits
NA
CVE-2004-2510
Cross-site scripting (XSS) vulnerability in showflat.php in Infopop UBB.Threads prior to 6.5 allows remote malicious users to inject arbitrary web script or HTML via the Cat parameter.
Ubbcentral Ubb.threads 6.0
Ubbcentral Ubb.threads 6.2.2
Ubbcentral Ubb.threads 6.2.3
Ubbcentral Ubb.threads 6.4.4
Ubbcentral Ubb.threads 6.1
Ubbcentral Ubb.threads 6.1.1
Ubbcentral Ubb.threads 6.4
Ubbcentral Ubb.threads 6.4.1
Ubbcentral Ubb.threads 6.2
Ubbcentral Ubb.threads 6.2.1
Ubbcentral Ubb.threads 6.4.2
Ubbcentral Ubb.threads 6.4.3
Ubbcentral Ubb.threads 6.0.1
Ubbcentral Ubb.threads 6.0.2
Ubbcentral Ubb.threads 6.0.3
Ubbcentral Ubb.threads 6.3
Ubbcentral Ubb.threads 6.3.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2