|
311571
|
9.8 |
CRITICAL
Network
|
coderevolution
|
echo_rss_feed_post_generator
|
The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.4.6. This is due to the plugin not properly restricting the roles t…
|
NVD-CWE-noinfo
|
CVE-2024-9265
|
2024-10-8 03:48 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311572
|
7.8 |
HIGH
Local
|
autodesk
|
navisworks
|
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensit…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-7670
|
2024-10-8 03:43 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311573
|
7.8 |
HIGH
Local
|
autodesk
|
navisworks
|
A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sen…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7672
|
2024-10-8 03:35 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311574
|
7.8 |
HIGH
Local
|
autodesk
|
navisworks
|
A maliciously crafted DWF file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Use-After-Free. A malicious actor can leverage this vulnerability to cause a crash or execute arbitra…
|
CWE-416
Use After Free
|
CVE-2024-7675
|
2024-10-8 03:34 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311575
|
7.8 |
HIGH
Local
|
autodesk
|
navisworks
|
A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or e…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7674
|
2024-10-8 03:34 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311576
|
7.8 |
HIGH
Local
|
autodesk
|
navisworks
|
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or ex…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7673
|
2024-10-8 03:34 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311577
|
7.8 |
HIGH
Local
|
autodesk
|
navisworks
|
A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write se…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7671
|
2024-10-8 03:34 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311578
|
9.8 |
CRITICAL
Network
|
redefiningtheweb
|
affiliate_pro
|
The WordPress & WooCommerce Affiliate Program plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 8.4.1. This is due to the rtwwwap_login_request_callbac…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-9289
|
2024-10-8 03:25 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311579
|
7.4 |
HIGH
Adjacent
|
cisco
|
ios_xr
|
A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause …
|
NVD-CWE-noinfo
|
CVE-2024-20406
|
2024-10-8 02:56 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311580
|
5.3 |
MEDIUM
Network
|
cisco
|
ios_xr
|
A vulnerability in the Dedicated XML Agent feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on XML TCP listen port 38751.
This vu…
|
NVD-CWE-Other
|
CVE-2024-20390
|
2024-10-8 02:51 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
