|
306361
|
7.8 |
HIGH
Local
|
microsoft
|
office
365_apps
office_long_term_servicing_channel
|
Microsoft Office Remote Code Execution Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-43616
|
2024-10-22 05:47 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306362
|
9.8 |
CRITICAL
Network
|
rittal
|
iot_interface_firmware
cmc_iii_processing_units_firmware
|
The devices are vulnerable to session hijacking due to insufficient
entropy in its session ID generation algorithm. The session IDs are
predictable, with only 32,768 possible values per user, which…
|
CWE-331
Insufficient Entropy
|
CVE-2024-47945
|
2024-10-22 04:41 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306363
|
7.8 |
HIGH
Local
|
autodesk
|
revit
|
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, o…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7994
|
2024-10-22 03:35 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306364
|
7.8 |
HIGH
Local
|
autodesk
|
revit
|
A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or exec…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7993
|
2024-10-22 03:27 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306365
|
4.9 |
MEDIUM
Network
|
oracle
|
application_express
|
Vulnerability in Oracle Application Express (component: General). Supported versions that are affected are 23.2 and 24.1. Difficult to exploit vulnerability allows low privileged attacker with netw…
|
NVD-CWE-noinfo
|
CVE-2024-21261
|
2024-10-22 03:27 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306366
|
8.8 |
HIGH
Network
|
vmware
|
vmware_hcx
|
An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A
malicious authenticated user with non-administrator privileges may be
able to enter specially crafted …
|
CWE-89
SQL Injection
|
CVE-2024-38814
|
2024-10-22 03:20 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306367
|
7.5 |
HIGH
Network
|
microsoft
|
.net
visual_studio_2022
|
.NET and Visual Studio Denial of Service Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-43485
|
2024-10-22 03:01 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306368
|
7.5 |
HIGH
Network
|
microsoft
|
.net_framework
.net
visual_studio_2022
|
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-43484
|
2024-10-22 02:35 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306369
|
7.5 |
HIGH
Network
|
microsoft
|
.net_framework
.net
visual_studio_2022
|
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-43483
|
2024-10-22 02:35 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306370
|
- |
|
microsoft
|
internet_explorer
|
The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that (1) was not properly initializ…
|
CWE-94
Code Injection
|
CVE-2010-1260
|
2024-10-22 02:35 |
2010-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
