11
|
9.8 |
CRITICAL
Network
microsoft
|
office 365_apps office_long_term_servicing_channel
|
Microsoft Outlook Remote Code Execution Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-21413
|
2024-10-9 11:15 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
12
|
7.8 |
HIGH
Local
|
microsoft
|
windows_11_23h2 windows_10_22h2 windows_11_22h2 windows_10_21h2 windows_11_21h2 windows_server_2022 windows_server_2019 windows_10_1809 windows_server_2022_23h2
|
Windows Kernel Elevation of Privilege Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-21338
|
2024-10-9 11:15 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
13
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Windows MSHTML Platform Spoofing Vulnerability
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-43573
|
2024-10-9 10:00 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
14
|
7.8 |
HIGH
Local
|
-
|
-
|
Microsoft Management Console Remote Code Execution Vulnerability
New
|
CWE-707
Improper Enforcement of Message or Data Structure
|
CVE-2024-43572
|
2024-10-9 10:00 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
15
|
7.8 |
HIGH
Local
|
-
|
-
|
Memory corruption while maintaining memory maps of HLOS memory.
New
|
-
|
CVE-2024-43047
|
2024-10-9 10:00 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
16
|
- |
|
-
|
-
|
Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
New
|
-
|
CVE-2024-9603
|
2024-10-9 08:15 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
17
|
- |
|
-
|
-
|
Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
New
|
-
|
CVE-2024-9602
|
2024-10-9 08:15 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
18
|
4.3 |
MEDIUM
Network
|
ultimatemember
|
ultimate_member
|
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up …
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-8520
|
2024-10-9 06:50 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
19
|
6.1 |
MEDIUM
Network
|
clio
|
clio_grow
|
The Clio Grow plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.0.2.…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8802
|
2024-10-9 06:49 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
20
|
8.8 |
HIGH
Network
|
cisco
|
ios_xr network_services_orchestrator small_business_rv_series_router_firmware
|
A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisc…
Update
|
NVD-CWE-noinfo
|
CVE-2024-20381
|
2024-10-9 06:43 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|