|
307631
|
5.4 |
MEDIUM
Network
|
librenms
|
librenms
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Alert Rules" feature allows authenticated users to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47525
|
2024-10-8 04:08 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307632
|
5.4 |
MEDIUM
Network
|
librenms
|
librenms
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Alert Transports" feature allows authenticated users to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47523
|
2024-10-8 04:07 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307633
|
9.8 |
CRITICAL
Network
|
definetlynotai
|
logicytics
|
Logicytics is designed to harvest and collect data for forensic analysis. Logicytics has a basic vuln affecting compromised devices from shell injections. This vulnerability is fixed in 2.3.2.
|
CWE-78
OS Command
|
CVE-2024-47608
|
2024-10-8 03:51 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307634
|
6.1 |
MEDIUM
Network
|
contempo
|
pdf_image_generator
|
The PDF Image Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and includi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9241
|
2024-10-8 03:51 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307635
|
9.8 |
CRITICAL
Network
|
coderevolution
|
echo_rss_feed_post_generator
|
The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.4.6. This is due to the plugin not properly restricting the roles t…
|
NVD-CWE-noinfo
|
CVE-2024-9265
|
2024-10-8 03:48 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307636
|
7.8 |
HIGH
Local
|
autodesk
|
navisworks
|
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensit…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-7670
|
2024-10-8 03:43 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307637
|
7.8 |
HIGH
Local
|
autodesk
|
navisworks
|
A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sen…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7672
|
2024-10-8 03:35 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307638
|
7.8 |
HIGH
Local
|
autodesk
|
navisworks
|
A maliciously crafted DWF file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Use-After-Free. A malicious actor can leverage this vulnerability to cause a crash or execute arbitra…
|
CWE-416
Use After Free
|
CVE-2024-7675
|
2024-10-8 03:34 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307639
|
7.8 |
HIGH
Local
|
autodesk
|
navisworks
|
A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or e…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7674
|
2024-10-8 03:34 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307640
|
7.8 |
HIGH
Local
|
autodesk
|
navisworks
|
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or ex…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7673
|
2024-10-8 03:34 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
