| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-6594 | Hig | 0.49 | 7.5 | 0.01 | Sep 25, 2024 | Improper Handling of Exceptional Conditions vulnerability in the WatchGuard Single Sign-On Client on Windows causes the client to crash while handling malformed commands. An attacker with network access to the client could create a denial of service condition for the Single… | ||
| CVE-2024-7481 | Hig | 0.57 | 8.8 | 0.00 | Sep 25, 2024 | Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their… | ||
| CVE-2024-7479 | Hig | 0.57 | 8.8 | 0.00 | Sep 25, 2024 | Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their… | ||
| CVE-2024-45817 | Hig | 0.47 | 7.3 | 0.01 | Sep 25, 2024 | In x86's APIC (Advanced Programmable Interrupt Controller) architecture, error conditions are reported in a status register. Furthermore, the OS can opt to receive an interrupt when a new error occurs. It is possible to configure the error interrupt with an illegal vector,… | ||
| CVE-2024-31146 | Hig | 0.49 | 7.5 | 0.00 | Sep 25, 2024 | When multiple devices share resources and one of them is to be passed through to a guest, security of the entire system and of respective guests individually cannot really be guaranteed without knowing internals of any of the involved guests. Therefore such a configuration… | ||
| CVE-2024-31145 | Hig | 0.49 | 7.5 | 0.00 | Sep 25, 2024 | Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise… | ||
| CVE-2024-8175 | Hig | 0.49 | 7.5 | 0.01 | Sep 25, 2024 | An unauthenticated remote attacker can causes the CODESYS web server to access invalid memory which results in a DoS. | ||
| CVE-2024-8290 | Hig | 0.50 | 8.8 | 0.01 | Sep 25, 2024 | The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.7.12 via the WCFM_Customers_Manage_Controller::processing function… | ||
| CVE-2024-8484 | Hig | 0.42 | 7.5 | 0.04 | Sep 25, 2024 | The REST API TO MiniProgram plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the /wp-json/watch-life-net/v1/comment/getcomments REST API endpoint in all versions up to, and including, 4.7.1 due to insufficient escaping on the user supplied… | ||
| CVE-2024-8481 | Hig | 0.41 | 7.3 | 0.01 | Sep 25, 2024 | The The Special Text Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 6.2.4. This is due to the plugin adding the filter add_filter('comment_text', 'do_shortcode'); which will run all shortcodes in comments. This… | ||
| CVE-2024-8349 | Hig | 0.47 | 7.2 | 0.01 | Sep 25, 2024 | The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0.1. This is due to the plugin not properly restricting what users a group leader can edit. This makes it possible for authenticated attackers,… | ||
| CVE-2024-7617 | Hig | 0.40 | 7.2 | 0.01 | Sep 25, 2024 | The Contact Form to Any API plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Contact Form 7 form fields in all versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated… | ||
| CVE-2024-9123 | Hig | 0.57 | 8.8 | 0.00 | Sep 25, 2024 | Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2024-9122 | Hig | 0.58 | 8.8 | 0.06 | Sep 25, 2024 | Type Confusion in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2024-9121 | Hig | 0.57 | 8.8 | 0.00 | Sep 25, 2024 | Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2024-9120 | Hig | 0.57 | 8.8 | 0.00 | Sep 25, 2024 | Use after free in Dawn in Google Chrome on Windows prior to 129.0.6668.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2024-8941 | Hig | 0.49 | 7.5 | 0.01 | Sep 25, 2024 | Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat/nm_edit_php_edit.php (in the “subpage” parameter), which allows unauthenticated remote users to bypass SecurityManager's intended restrictions and list and/or read a parent directory via… | ||
| CVE-2024-8914 | Hig | 0.40 | 7.2 | 0.00 | Sep 25, 2024 | The Thanh Toán Quét Mã QR Code Tự Động – MoMo, ViettelPay, VNPay và 40 ngân hàng Việt Nam plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.1 due to incorrect use of the wp_kses_allowed_html function, which… | ||
| CVE-2024-8497 | Hig | 0.49 | 7.5 | 0.01 | Sep 25, 2024 | Franklin Fueling Systems TS-550 EVO versions prior to 2.26.4.8967 possess a file that can be read arbitrarily that could allow an attacker obtain administrator credentials. | ||
| CVE-2024-46936 | Hig | 0.49 | 7.5 | 0.00 | Sep 25, 2024 | Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and before is vulnerable to a message forgery / impersonation issue. Attackers can abuse the UpdateOTRAck method to send ephemeral messages as if they were any other user they choose. | ||
| CVE-2024-46935 | Hig | 0.42 | 7.5 | 0.01 | Sep 25, 2024 | Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service (DoS). Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser. | ||
| CVE-2024-46610 | Hig | 0.49 | 7.5 | 0.00 | Sep 25, 2024 | An access control issue in IceCMS v3.4.7 and before allows attackers to arbitrarily modify users' information, including username and password, via a crafted POST request sent to the endpoint /User/ChangeUser/s in the ChangeUser function in UserController.java | ||
| CVE-2024-46609 | Hig | 0.49 | 7.5 | 0.01 | Sep 25, 2024 | An access control issue in the CheckVip function in UserController.java of IceCMS v3.4.7 and before allows unauthenticated attackers to access and returns all user information, including passwords | ||
| CVE-2024-46607 | Hig | 0.49 | 7.6 | 0.00 | Sep 25, 2024 | Incorrect access control in IceCMS v3.4.7 and before allows attackers to authenticate by entering any arbitrary values as the username and password via the loginAdmin method in the UserController.java file. | ||
| CVE-2024-45373 | Hig | 0.57 | 8.8 | 0.00 | Sep 25, 2024 | Once logged in to ProGauge MAGLINK LX4 CONSOLE, a valid user can change their privileges to administrator. | ||
| CVE-2024-41725 | Hig | 0.57 | 8.8 | 0.00 | Sep 25, 2024 | ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input fields that are used to render pages which may allow cross site scripting. | ||
| CVE-2024-39928 | — | Hig | 0.42 | 7.5 | 0.01 | Sep 25, 2024 | In Apache Linkis <= 1.5.0, a Random string security vulnerability in Spark EngineConn, random string generated by the Token when starting Py4j uses the Commons Lang's RandomStringUtils. Users are recommended to upgrade to version 1.6.0, which fixes this issue. | |
| CVE-2024-21545 | Hig | 0.53 | 8.2 | 0.00 | Sep 25, 2024 | Proxmox Virtual Environment is an open-source server management platform for enterprise virtualization. Insufficient safeguards against malicious API response values allow authenticated attackers with 'Sys.Audit' or 'VM.Monitor' privileges to download arbitrary host files via… | ||
| CVE-2023-26691 | Hig | 0.47 | 7.2 | 0.01 | Sep 25, 2024 | Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via crafted zip file when installing a new add-on. | ||
| CVE-2023-26690 | Hig | 0.57 | 8.8 | 0.01 | Sep 25, 2024 | File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via File Manager/Editor component in the vendor or admin menu. | ||
| CVE-2023-26687 | Hig | 0.57 | 8.8 | 0.01 | Sep 25, 2024 | Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to obtain sensitive information via the product_data parameter in the PDF Add-on. | ||
| CVE-2021-38963 | Hig | 0.52 | 8.0 | 0.01 | Sep 25, 2024 | IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a CSV injection vulnerability. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute… | ||
| CVE-2024-8623 | Hig | 0.48 | 7.3 | 0.01 | Sep 24, 2024 | The The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.3.3.3. This is due to the software allowing users to execute an action that does not properly validate a value before… | ||
| CVE-2022-2439 | Hig | 0.40 | 7.2 | 0.01 | Sep 24, 2024 | The Easy Digital Downloads – Simple eCommerce for Selling Digital Files plugin for WordPress is vulnerable to deserialization of untrusted input via the 'upload[file]' parameter in versions up to, and including 3.3.3. This makes it possible for authenticated administrative… | ||
| CVE-2024-8795 | Hig | 0.57 | 8.8 | 0.00 | Sep 24, 2024 | The BA Book Everything plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.20. This is due to missing or incorrect nonce validation on the my_account_update() function. This makes it possible for unauthenticated attackers to… | ||
| CVE-2024-7023 | Hig | 0.57 | 8.8 | 0.00 | Sep 23, 2024 | Insufficient data validation in Updater in Google Chrome prior to 128.0.6537.0 allowed a remote attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium) | ||
| CVE-2024-7018 | Hig | 0.51 | 7.8 | 0.00 | Sep 23, 2024 | Heap buffer overflow in PDF in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) | ||
| CVE-2021-38023 | Hig | 0.57 | 8.8 | 0.00 | Sep 23, 2024 | Use after free in Extensions in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2018-20072 | Hig | 0.51 | 7.8 | 0.00 | Sep 23, 2024 | Insufficient data validation in PDF in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform out of bounds memory access via a crafted PDF file. (Chromium security severity: Low) | ||
| CVE-2024-42861 | Hig | 0.49 | 7.5 | 0.02 | Sep 23, 2024 | An issue in IEEE 802.1AS linuxptp v.4.2 and before allowing a remote attacker to cause a denial of service via a crafted Pdelay_Req message to the time synchronization function | ||
| CVE-2024-46639 | Hig | 0.49 | 7.6 | 0.00 | Sep 23, 2024 | A cross-site scripting (XSS) vulnerability in HelpDeskZ v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field of Custom Fields message box. | ||
| CVE-2024-43201 | Hig | 0.57 | 8.8 | 0.00 | Sep 23, 2024 | The Planet Fitness Workouts iOS and Android mobile apps fail to properly validate TLS certificates, allowing an attacker with appropriate network access to obtain session tokens and sensitive information. Planet Fitness first addressed this vulnerability in version 9.8.12… | ||
| CVE-2024-37779 | Hig | 0.57 | 8.8 | 0.01 | Sep 23, 2024 | WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the Apache Ant script functionality. | ||
| CVE-2024-39842 | Hig | 0.47 | 7.2 | 0.02 | Sep 23, 2024 | A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command via user massive changes inputs. | ||
| CVE-2024-40442 | Hig | 0.40 | 7.2 | 0.01 | Sep 23, 2024 | An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote attacker to escalate privileges via a crafted REST Request. | ||
| CVE-2024-46985 | Hig | 0.49 | 7.5 | 0.01 | Sep 23, 2024 | DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, there is an XML external entity injection vulnerability in the static resource upload interface of DataEase. An attacker can construct a payload to implement intranet detection and file… | ||
| CVE-2024-41228 | Hig | 0.49 | 7.6 | 0.00 | Sep 23, 2024 | A symlink following vulnerability in the pouch cp function of AliyunContainerService pouch v1.3.1 allows attackers to escalate privileges and write arbitrary files. | ||
| CVE-2024-23934 | Hig | 0.57 | 8.8 | 0.01 | Sep 23, 2024 | Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. User interaction is required to exploit this vulnerability… | ||
| CVE-2024-7835 | Hig | 0.57 | — | 0.00 | Sep 23, 2024 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Exnet Informatics Software Ferry Reservation System allows Reflected XSS. This issue affects Ferry Reservation System: before 240805-002. | ||
| CVE-2024-8606 | Hig | 0.57 | 8.8 | 0.00 | Sep 23, 2024 | Bypass of two factor authentication in RestAPI in Checkmk < 2.3.0p16 and < 2.2.0p34 allows authenticated users to bypass two factor authentication |
- risk 0.49cvss 7.5epss 0.01
Improper Handling of Exceptional Conditions vulnerability in the WatchGuard Single Sign-On Client on Windows causes the client to crash while handling malformed commands. An attacker with network access to the client could create a denial of service condition for the Single…
- risk 0.57cvss 8.8epss 0.00
Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their…
- risk 0.57cvss 8.8epss 0.00
Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their…
- risk 0.47cvss 7.3epss 0.01
In x86's APIC (Advanced Programmable Interrupt Controller) architecture, error conditions are reported in a status register. Furthermore, the OS can opt to receive an interrupt when a new error occurs. It is possible to configure the error interrupt with an illegal vector,…
- risk 0.49cvss 7.5epss 0.00
When multiple devices share resources and one of them is to be passed through to a guest, security of the entire system and of respective guests individually cannot really be guaranteed without knowing internals of any of the involved guests. Therefore such a configuration…
- risk 0.49cvss 7.5epss 0.00
Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation. Since the precise…
- risk 0.49cvss 7.5epss 0.01
An unauthenticated remote attacker can causes the CODESYS web server to access invalid memory which results in a DoS.
- risk 0.50cvss 8.8epss 0.01
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.7.12 via the WCFM_Customers_Manage_Controller::processing function…
- risk 0.42cvss 7.5epss 0.04
The REST API TO MiniProgram plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the /wp-json/watch-life-net/v1/comment/getcomments REST API endpoint in all versions up to, and including, 4.7.1 due to insufficient escaping on the user supplied…
- risk 0.41cvss 7.3epss 0.01
The The Special Text Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 6.2.4. This is due to the plugin adding the filter add_filter('comment_text', 'do_shortcode'); which will run all shortcodes in comments. This…
- risk 0.47cvss 7.2epss 0.01
The Uncanny Groups for LearnDash plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0.1. This is due to the plugin not properly restricting what users a group leader can edit. This makes it possible for authenticated attackers,…
- risk 0.40cvss 7.2epss 0.01
The Contact Form to Any API plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Contact Form 7 form fields in all versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated…
- risk 0.57cvss 8.8epss 0.00
Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
- risk 0.58cvss 8.8epss 0.06
Type Confusion in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in Dawn in Google Chrome on Windows prior to 129.0.6668.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.01
Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat/nm_edit_php_edit.php (in the “subpage” parameter), which allows unauthenticated remote users to bypass SecurityManager's intended restrictions and list and/or read a parent directory via…
- risk 0.40cvss 7.2epss 0.00
The Thanh Toán Quét Mã QR Code Tự Động – MoMo, ViettelPay, VNPay và 40 ngân hàng Việt Nam plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.1 due to incorrect use of the wp_kses_allowed_html function, which…
- risk 0.49cvss 7.5epss 0.01
Franklin Fueling Systems TS-550 EVO versions prior to 2.26.4.8967 possess a file that can be read arbitrarily that could allow an attacker obtain administrator credentials.
- risk 0.49cvss 7.5epss 0.00
Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and before is vulnerable to a message forgery / impersonation issue. Attackers can abuse the UpdateOTRAck method to send ephemeral messages as if they were any other user they choose.
- risk 0.42cvss 7.5epss 0.01
Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service (DoS). Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser.
- risk 0.49cvss 7.5epss 0.00
An access control issue in IceCMS v3.4.7 and before allows attackers to arbitrarily modify users' information, including username and password, via a crafted POST request sent to the endpoint /User/ChangeUser/s in the ChangeUser function in UserController.java
- risk 0.49cvss 7.5epss 0.01
An access control issue in the CheckVip function in UserController.java of IceCMS v3.4.7 and before allows unauthenticated attackers to access and returns all user information, including passwords
- risk 0.49cvss 7.6epss 0.00
Incorrect access control in IceCMS v3.4.7 and before allows attackers to authenticate by entering any arbitrary values as the username and password via the loginAdmin method in the UserController.java file.
- risk 0.57cvss 8.8epss 0.00
Once logged in to ProGauge MAGLINK LX4 CONSOLE, a valid user can change their privileges to administrator.
- risk 0.57cvss 8.8epss 0.00
ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input fields that are used to render pages which may allow cross site scripting.
- risk 0.42cvss 7.5epss 0.01
In Apache Linkis <= 1.5.0, a Random string security vulnerability in Spark EngineConn, random string generated by the Token when starting Py4j uses the Commons Lang's RandomStringUtils. Users are recommended to upgrade to version 1.6.0, which fixes this issue.
- risk 0.53cvss 8.2epss 0.00
Proxmox Virtual Environment is an open-source server management platform for enterprise virtualization. Insufficient safeguards against malicious API response values allow authenticated attackers with 'Sys.Audit' or 'VM.Monitor' privileges to download arbitrary host files via…
- risk 0.47cvss 7.2epss 0.01
Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via crafted zip file when installing a new add-on.
- risk 0.57cvss 8.8epss 0.01
File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via File Manager/Editor component in the vendor or admin menu.
- risk 0.57cvss 8.8epss 0.01
Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to obtain sensitive information via the product_data parameter in the PDF Add-on.
- risk 0.52cvss 8.0epss 0.01
IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a CSV injection vulnerability. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute…
- risk 0.48cvss 7.3epss 0.01
The The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.3.3.3. This is due to the software allowing users to execute an action that does not properly validate a value before…
- risk 0.40cvss 7.2epss 0.01
The Easy Digital Downloads – Simple eCommerce for Selling Digital Files plugin for WordPress is vulnerable to deserialization of untrusted input via the 'upload[file]' parameter in versions up to, and including 3.3.3. This makes it possible for authenticated administrative…
- risk 0.57cvss 8.8epss 0.00
The BA Book Everything plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.20. This is due to missing or incorrect nonce validation on the my_account_update() function. This makes it possible for unauthenticated attackers to…
- risk 0.57cvss 8.8epss 0.00
Insufficient data validation in Updater in Google Chrome prior to 128.0.6537.0 allowed a remote attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium)
- risk 0.51cvss 7.8epss 0.00
Heap buffer overflow in PDF in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)
- risk 0.57cvss 8.8epss 0.00
Use after free in Extensions in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- risk 0.51cvss 7.8epss 0.00
Insufficient data validation in PDF in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform out of bounds memory access via a crafted PDF file. (Chromium security severity: Low)
- risk 0.49cvss 7.5epss 0.02
An issue in IEEE 802.1AS linuxptp v.4.2 and before allowing a remote attacker to cause a denial of service via a crafted Pdelay_Req message to the time synchronization function
- risk 0.49cvss 7.6epss 0.00
A cross-site scripting (XSS) vulnerability in HelpDeskZ v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field of Custom Fields message box.
- risk 0.57cvss 8.8epss 0.00
The Planet Fitness Workouts iOS and Android mobile apps fail to properly validate TLS certificates, allowing an attacker with appropriate network access to obtain session tokens and sensitive information. Planet Fitness first addressed this vulnerability in version 9.8.12…
- risk 0.57cvss 8.8epss 0.01
WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the Apache Ant script functionality.
- risk 0.47cvss 7.2epss 0.02
A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command via user massive changes inputs.
- risk 0.40cvss 7.2epss 0.01
An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote attacker to escalate privileges via a crafted REST Request.
- risk 0.49cvss 7.5epss 0.01
DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, there is an XML external entity injection vulnerability in the static resource upload interface of DataEase. An attacker can construct a payload to implement intranet detection and file…
- risk 0.49cvss 7.6epss 0.00
A symlink following vulnerability in the pouch cp function of AliyunContainerService pouch v1.3.1 allows attackers to escalate privileges and write arbitrary files.
- risk 0.57cvss 8.8epss 0.01
Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. User interaction is required to exploit this vulnerability…
- risk 0.57cvss —epss 0.00
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Exnet Informatics Software Ferry Reservation System allows Reflected XSS. This issue affects Ferry Reservation System: before 240805-002.
- risk 0.57cvss 8.8epss 0.00
Bypass of two factor authentication in RestAPI in Checkmk < 2.3.0p16 and < 2.2.0p34 allows authenticated users to bypass two factor authentication