|
311901
|
7.8 |
HIGH
Local
|
autodesk
|
navisworks
|
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensit…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-7670
|
2024-10-8 03:43 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311902
|
7.8 |
HIGH
Local
|
autodesk
|
navisworks
|
A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sen…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7672
|
2024-10-8 03:35 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311903
|
7.8 |
HIGH
Local
|
autodesk
|
navisworks
|
A maliciously crafted DWF file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Use-After-Free. A malicious actor can leverage this vulnerability to cause a crash or execute arbitra…
|
CWE-416
Use After Free
|
CVE-2024-7675
|
2024-10-8 03:34 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311904
|
7.8 |
HIGH
Local
|
autodesk
|
navisworks
|
A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or e…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7674
|
2024-10-8 03:34 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311905
|
7.8 |
HIGH
Local
|
autodesk
|
navisworks
|
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or ex…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7673
|
2024-10-8 03:34 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311906
|
7.8 |
HIGH
Local
|
autodesk
|
navisworks
|
A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write se…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7671
|
2024-10-8 03:34 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311907
|
9.8 |
CRITICAL
Network
|
redefiningtheweb
|
affiliate_pro
|
The WordPress & WooCommerce Affiliate Program plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 8.4.1. This is due to the rtwwwap_login_request_callbac…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-9289
|
2024-10-8 03:25 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311908
|
7.4 |
HIGH
Adjacent
|
cisco
|
ios_xr
|
A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause …
|
NVD-CWE-noinfo
|
CVE-2024-20406
|
2024-10-8 02:56 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311909
|
5.3 |
MEDIUM
Network
|
cisco
|
ios_xr
|
A vulnerability in the Dedicated XML Agent feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on XML TCP listen port 38751.
This vu…
|
NVD-CWE-Other
|
CVE-2024-20390
|
2024-10-8 02:51 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311910
|
7.2 |
HIGH
Network
|
-
|
-
|
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.228 via deserialization of untrusted inp…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-9314
|
2024-10-8 02:48 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
