861
|
8.8 |
HIGH
Network
|
jch_optimize_project
|
jch_optimize
|
Broken Access Control vulnerability in Samuel Marshall JCH Optimize.This issue affects JCH Optimize: from n/a through 4.0.0.
Update
|
NVD-CWE-noinfo
|
CVE-2024-30481
|
2024-10-9 05:49 |
2024-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
862
|
8.8 |
HIGH
Network
|
yithemes
|
woocommerce_account_funds
|
Missing Authorization vulnerability in YITH YITH WooCommerce Account Funds Premium.This issue affects YITH WooCommerce Account Funds Premium: from n/a through 1.33.0.
Update
|
CWE-862
Missing Authorization
|
CVE-2024-30470
|
2024-10-9 05:43 |
2024-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
863
|
7.5 |
HIGH
Network
jtekt
|
gc-a22w-cw_firmware gc-a24w-c\(w\)_firmware gc-a26w-c\(w\)_firmware gc-a24_firmware gc-a24-m_firmware gc-a25_firmware gc-a26_firmware gc-a26-j2_firmware gc-a27-c_firmware g…
|
Denial-of-service (DoS) vulnerability exists in commplex-link service of HMI GC-A2 series. If a remote unauthenticated attacker sends a specially crafted packets to specific ports, a denial-of-servic…
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2023-49140
|
2024-10-9 05:35 |
2023-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
864
|
6.8 |
MEDIUM
Adjacent
|
elecom
|
wrc-x3000gsn_firmware wrc-x3000gs_firmware wrc-x3000gsa_firmware
|
OS command injection vulnerability in WRC-X3000GSN v1.0.2, WRC-X3000GS v1.0.24 and earlier, and WRC-X3000GSA v1.0.24 and earlier allows a network-adjacent attacker with an administrative privilege to…
Update
|
CWE-78
OS Command
|
CVE-2023-49695
|
2024-10-9 05:35 |
2023-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
865
|
9.8 |
CRITICAL
Network
elecom
|
wrc-f1167acf_firmware wrc-1750ghbk_firmware wrc-1167ghbk2_firmware wrc-1750ghbk2-i_firmware wrc-1750ghbk-e_firmware
|
OS command injection vulnerability in ELECOM wireless LAN routers allows an attacker who can access the product to execute an arbitrary OS command by sending a specially crafted request. Affected pro…
Update
|
CWE-78
OS Command
|
CVE-2023-40069
|
2024-10-9 05:35 |
2023-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
866
|
9.8 |
CRITICAL
Network
broadcom
|
raid_controller_web_interface
|
Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection
Update
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2023-4344
|
2024-10-9 05:35 |
2023-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
867
|
8.8 |
HIGH
Network
|
google fedoraproject debian
|
chrome fedora debian_linux
|
Heap buffer overflow in Browser History in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corrupt…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2023-1820
|
2024-10-9 05:35 |
2023-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
868
|
8.8 |
HIGH
Network
|
google fedoraproject debian
|
chrome fedora debian_linux
|
Use after free in Networking APIs in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption vi…
Update
|
CWE-416
Use After Free
|
CVE-2023-1815
|
2024-10-9 05:35 |
2023-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
869
|
6.5 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite_frontend open-xchange_appsuite_backend open-xchange_office-web
|
Processing of user-defined mail search expressions is not limited. Availability of OX App Suite could be reduced due to high processing load. Please deploy the provided updates and patch releases. Pr…
Update
|
NVD-CWE-noinfo
|
CVE-2023-41707
|
2024-10-9 05:30 |
2024-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
870
|
9.8 |
CRITICAL
Network
wp-property-hive
|
propertyhive
|
Deserialization of Untrusted Data vulnerability in PropertyHive.This issue affects PropertyHive: from n/a through 2.0.5.
Update
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-23513
|
2024-10-9 05:22 |
2024-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|