741
|
6.1 |
MEDIUM
Network
|
wpfactory
|
eu\/uk_vat_manager_for_woocommerce
|
The EU/UK VAT Manager for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up t…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8788
|
2024-10-4 02:25 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
742
|
7.8 |
HIGH
Local
|
siemens
|
simcenter_femap
|
A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specia…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-24922
|
2024-10-4 02:21 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
743
|
7.8 |
HIGH
Local
|
siemens
|
simcenter_femap
|
A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application is vulnerable to memory corruption while parsing specially crafted Catia MODEL files. This…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-24921
|
2024-10-4 02:21 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
744
|
7.8 |
HIGH
Local
|
siemens
|
simcenter_femap
|
A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specia…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-24920
|
2024-10-4 02:20 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
745
|
6.5 |
MEDIUM
Network
|
lunary
|
lunary
|
An Improper Access Control vulnerability exists in the lunary-ai/lunary repository, affecting versions up to and including 1.2.2. The vulnerability allows unauthorized users to view any prompts in an…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-5131
|
2024-10-4 01:59 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
746
|
7.5 |
HIGH
Network
lunary
|
lunary
|
An Incorrect Authorization vulnerability exists in lunary-ai/lunary versions up to and including 1.2.2, which allows unauthenticated users to delete any dataset. The vulnerability is due to the lack …
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-5130
|
2024-10-4 01:57 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
747
|
8.2 |
HIGH
Network
lunary
|
lunary
|
A Privilege Escalation Vulnerability exists in lunary-ai/lunary version 1.2.2, where any user can delete any datasets due to missing authorization checks. The vulnerability is present in the dataset …
|
CWE-862
Missing Authorization
|
CVE-2024-5129
|
2024-10-4 01:56 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
748
|
6.5 |
MEDIUM
Network
|
lunary
|
lunary
|
An improper access control vulnerability exists in the lunary-ai/lunary repository, specifically within the versions.patch functionality for updating prompts. Affected versions include 1.2.2 up to bu…
|
NVD-CWE-noinfo
|
CVE-2024-5126
|
2024-10-4 01:52 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
749
|
9.8 |
CRITICAL
Network
motorola
|
vigilant_fixed_lpr_coms_box_firmware
|
An attacker can access the maintenance console using hard coded credentials for a hidden wireless network on the device.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-38281
|
2024-10-4 01:51 |
2024-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
750
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses
The panasonic laptop code in various places uses the SINF a…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-46859
|
2024-10-4 01:47 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|