|
319731
|
7.8 |
HIGH
Local
|
adobe
|
framemaker
|
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability b…
|
CWE-426
Untrusted Search Path
|
CVE-2024-47422
|
2024-10-18 23:14 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319732
|
7.8 |
HIGH
Local
|
adobe
|
framemaker
|
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory …
|
CWE-125
Out-of-bounds Read
|
CVE-2024-47421
|
2024-10-18 23:14 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319733
|
7.8 |
HIGH
Local
|
adobe
|
framemaker
|
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the curren…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2024-47425
|
2024-10-18 23:13 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319734
|
8.2 |
HIGH
Network
|
oracle
|
fusion_middleware
|
Vulnerability in the Oracle Enterprise Manager Fusion Middleware Control product of Oracle Fusion Middleware (component: FMW Control Plugin). The supported version that is affected is 12.2.1.4.0. E…
|
NVD-CWE-noinfo
|
CVE-2024-21191
|
2024-10-18 23:13 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319735
|
9.1 |
CRITICAL
Network
|
oracle
|
fusion_middleware
|
Vulnerability in the Oracle Global Lifecycle Management FMW Installer product of Oracle Fusion Middleware (component: Cloning). The supported version that is affected is 12.2.1.4.0. Easily exploita…
|
NVD-CWE-noinfo
|
CVE-2024-21190
|
2024-10-18 23:11 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319736
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. This is due to m…
|
CWE-352
Origin Validation Error
|
CVE-2024-9351
|
2024-10-18 21:53 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319737
|
- |
|
-
|
-
|
The Logo Slider WordPress plugin before 4.1.0 does not validate and escape some of its Slider Settings before outputting them back in attributes, which could allow users with the contributor role an…
|
-
|
CVE-2024-5429
|
2024-10-18 21:53 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319738
|
- |
|
-
|
-
|
The WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin plugin for WordPress is vulnerable to Account Takeover/Privilege Escalation via Insecure Direct Object Reference …
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-9263
|
2024-10-18 21:53 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319739
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Flexmls® IDX Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via several parameters like 'MaxBeds' and 'MinBeds' in all versions up to, and including, 3.14.22 due to i…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8719
|
2024-10-18 21:53 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319740
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.3.986 via the data_fetch. This makes it possible for authen…
|
CWE-200
Information Exposure
|
CVE-2024-7417
|
2024-10-18 21:53 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
