7.1

CVSS3.1

CVE-2024-49320 - WordPress Encyclopedia / Glossary / Wiki plugin <= 1.7.60 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dennis Encyclopedia / Glossary / Wiki encyclopedia-lexicon-glossary-wiki-dictionary allows Reflected XSS.This issue affects Encyclopedia / Glossary / Wiki: from n/a through <= 1.7.60.

πŸ“… Published: Oct. 17, 2024, 11:48 a.m. πŸ”„ Last Modified: April 23, 2026, 3:19 p.m.

6.4

CVSS3.1

CVE-2024-9898 - Parallax Image <= 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via dd-parallax Sh…

The Parallax Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's dd-parallax shortcode in all versions up to, and including, 1.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated atta…

πŸ“… Published: Oct. 17, 2024, 11:03 a.m. πŸ”„ Last Modified: April 8, 2026, 4:54 p.m.

5.1

CVSS3.1

CVE-2024-45713 - SolarWinds Kiwi CatTools Sensitive Information Disclosure Vulnerability

SolarWinds Kiwi CatTools is susceptible to a sensitive data disclosure vulnerability when a non-default setting has been enabled for troubleshooting purposes.

πŸ“… Published: Oct. 17, 2024, 11:02 a.m. πŸ”„ Last Modified: Feb. 25, 2025, 5:15 p.m.

8.5

CVSS4.0

CVE-2024-10068 - OpenSight Software FlashFXP FlashFXP.exe uncontrolled search path

A vulnerability was found in OpenSight Software FlashFXP 5.4.0.3970. It has been classified as critical. Affected is an unknown function in the library libcrypto-1_1.dll of the file FlashFXP.exe. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The exploit…

πŸ“… Published: Oct. 17, 2024, 11 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.1

CVSS3.1

CVE-2024-10025 - Vulnerability in SICK CLV6xx, SICK Lector6xx and SICK RFx6xx

A vulnerability in the .sdd file allows an attacker to read default passwords stored in plain text within the code. By exploiting these plaintext credentials, an attacker can log into affected SICK products as an β€œAuthorized Client” if the customer has not changed the default password.

πŸ“… Published: Oct. 17, 2024, 9:58 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.7

CVSS3.1

CVE-2024-49386 -

Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24.

πŸ“… Published: Oct. 17, 2024, 9:49 a.m. πŸ”„ Last Modified: Oct. 18, 2024, 8:11 p.m.

7.8

CVSS3.1

CVE-2024-49389 -

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24.

πŸ“… Published: Oct. 17, 2024, 9:49 a.m. πŸ”„ Last Modified: Oct. 18, 2024, 8:11 p.m.

7.3

CVSS3.1

CVE-2024-49390 -

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24.

πŸ“… Published: Oct. 17, 2024, 9:49 a.m. πŸ”„ Last Modified: Oct. 18, 2024, 8:11 p.m.

7.3

CVSS3.1

CVE-2024-49391 -

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24.

πŸ“… Published: Oct. 17, 2024, 9:48 a.m. πŸ”„ Last Modified: Oct. 18, 2024, 8:10 p.m.

4.8

CVSS3.1

CVE-2024-49392 -

Stored cross-site scripting (XSS) vulnerability on enrollment invitation page. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24.

πŸ“… Published: Oct. 17, 2024, 9:48 a.m. πŸ”„ Last Modified: Oct. 18, 2024, 8:10 p.m.
Total resulsts: 349182
Page 8255 of 34,919
Β« previous page Β» next page
Filters