841
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Easy Mega Menu Plugin for WordPress – ThemeHunk plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘themehunk_megamenu_bg_image' parameter in all versions up to, and includ…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8433
|
2024-10-10 21:56 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
842
|
- |
|
-
|
-
|
CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution, denial
of service and loss of confidentiality & integrity when application user opens a malicious Zelio
Soft 2 …
|
CWE-416
Use After Free
|
CVE-2024-8422
|
2024-10-10 21:56 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
843
|
- |
|
-
|
-
|
A possible buffer overflow in selected cameras' drivers from XProtect Device Pack can allow an attacker with access to internal network to execute commands on Recording Server under strict conditions.
|
-
|
CVE-2024-3506
|
2024-10-10 21:56 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
844
|
9.8 |
CRITICAL
Network
-
|
-
|
The LatePoint plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.0.12. This is due to insufficient verification on the user being supplied during the boo…
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2024-8943
|
2024-10-10 21:56 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
845
|
- |
|
-
|
-
|
A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). vsimk.exe in affected applications allows a specific tcl file to be loaded from the current …
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-47196
|
2024-10-10 21:56 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
846
|
- |
|
-
|
-
|
A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). gdb.exe in affected applications allows a specific executable file to be loaded from the cur…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-47195
|
2024-10-10 21:56 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
847
|
- |
|
-
|
-
|
A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). vish2.exe in affected applications allows a specific DLL file to be loaded from the current …
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-47194
|
2024-10-10 21:56 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
848
|
- |
|
-
|
-
|
A vulnerability has been identified in Simcenter Nastran 2306 (All versions), Simcenter Nastran 2312 (All versions), Simcenter Nastran 2406 (All versions < V2406.5000). The affected application is vu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2024-47046
|
2024-10-10 21:56 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
849
|
9.8 |
CRITICAL
Network
-
|
-
|
The LatePoint plugin for WordPress is vulnerable to Arbitrary User Password Change via SQL Injection in versions up to, and including, 5.0.11. This is due to insufficient escaping on the user supplie…
|
CWE-89
SQL Injection
|
CVE-2024-8911
|
2024-10-10 21:56 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
850
|
- |
|
-
|
-
|
The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge …
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2024-46887
|
2024-10-10 21:56 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|