|
311521
|
9.8 |
CRITICAL
Network
|
internet-formation
|
wp-advanced-search
|
The WP-Advanced-Search WordPress plugin before 3.3.9.2 does not sanitize and escape the t parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks
|
CWE-89
SQL Injection
|
CVE-2024-9796
|
2024-10-16 03:46 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311522
|
5.5 |
MEDIUM
Local
|
paloaltonetworks
|
cortex_xdr_agent
|
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. This issue may be le…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2024-9469
|
2024-10-16 03:38 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311523
|
4.4 |
MEDIUM
Local
|
paloaltonetworks
|
cortex_xdr_agent
|
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leverag…
|
NVD-CWE-Other
|
CVE-2024-8690
|
2024-10-16 03:38 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311524
|
7.8 |
HIGH
Local
|
jtekt
|
kostac_plc
|
Stack-based buffer overflow vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted p…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-47135
|
2024-10-16 03:21 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311525
|
7.8 |
HIGH
Local
|
jtekt
|
kostac_plc
|
Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project fi…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-47136
|
2024-10-16 03:20 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311526
|
- |
|
-
|
-
|
An issue in Plug n Play Camera com.wisdomcity.zwave 1.1.0 allows a remote attacker to obtain sensitive information via the firmware update process.
|
-
|
CVE-2024-48770
|
2024-10-16 02:35 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311527
|
- |
|
-
|
-
|
angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote code execution via demo/server.php. Exploiting this vulnerability allows an attacker to upload arbitrary content to the …
|
-
|
CVE-2024-42640
|
2024-10-16 02:35 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311528
|
7.8 |
HIGH
Local
|
siemens
|
tecnomatix_plant_simulation
|
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain …
|
CWE-125
Out-of-bounds Read
|
CVE-2024-45466
|
2024-10-16 02:35 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311529
|
7.8 |
HIGH
Local
|
siemens
|
tecnomatix_plant_simulation
|
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain …
|
CWE-125
Out-of-bounds Read
|
CVE-2024-45465
|
2024-10-16 02:35 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311530
|
7.8 |
HIGH
Local
|
siemens
|
tecnomatix_plant_simulation
|
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain …
|
CWE-125
Out-of-bounds Read
|
CVE-2024-45464
|
2024-10-16 02:35 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
