6.5

CVSS3.1

CVE-2024-9100 - Local File Inclusion

Zohocorp ManageEngine Analytics Plus versions before 5410 andย Zoho Analytics On-Premiseย versions before 5410 are vulnerable to Path traversal.

๐Ÿ“… Published: Oct. 3, 2024, 2:17 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

4.3

CVSS3.1

CVE-2024-47554 - Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader

Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are recommended to upgโ€ฆ

๐Ÿ“… Published: Oct. 3, 2024, 11:32 a.m. ๐Ÿ”„ Last Modified: Jan. 31, 2025, 3:15 p.m.

8.8

CVSS3.1

CVE-2024-9313 -

Authd PAM module before version 0.3.5 can allow broker-managed users to impersonate any other user managed by the same broker and perform any PAM operation with it, including authenticating as them.

๐Ÿ“… Published: Oct. 3, 2024, 11:04 a.m. ๐Ÿ”„ Last Modified: Aug. 26, 2025, 5:44 p.m.

9.2

CVSS4.0

CVE-2024-47561 - Apache Avro Java SDK: Arbitrary Code Execution when reading Avro schema (Java SDK)

Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code. Users are recommended to upgrade to version 1.11.4ย  or 1.12.0, which fix this issue.

๐Ÿ“… Published: Oct. 3, 2024, 10:23 a.m. ๐Ÿ”„ Last Modified: Nov. 21, 2024, 9:39 a.m.

4.3

CVSS3.1

CVE-2024-42504 - HPE IceWall Agent products, Cross-Site Request Forgery (CSRF)

A security vulnerability in HPE IceWall Agent products could be exploited remotely to cause a Cross-Site Request Forgery (CSRF) in the login flow.

๐Ÿ“… Published: Oct. 3, 2024, 6:38 a.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.4

CVSS3.1

CVE-2024-8159 - Deep Freeze 9.00.020.5760 - Out-of-bounds read

Deep Freeze 9.00.020.5760 is vulnerable to an out-of-bounds read vulnerability by triggering the 0x70014 IOCTL code of the FarDisk.sys driver.

๐Ÿ“… Published: Oct. 3, 2024, 6:10 a.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-8352 - Social Web Suite โ€“ Social Media Auto Post, Social Media Auto Publish <= 4.1.11 - Directory Traversaโ€ฆ

The Social Web Suite โ€“ Social Media Auto Post, Social Media Auto Publish plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.1.11 via the download_log function. This makes it possible for unauthenticated attackers to read the contents of arbitrary filesโ€ฆ

๐Ÿ“… Published: Oct. 3, 2024, 3:32 a.m. ๐Ÿ”„ Last Modified: April 8, 2026, 5:01 p.m.

7.8

CVSS3.1

CVE-2024-47136 -

Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denโ€ฆ

๐Ÿ“… Published: Oct. 3, 2024, 2:54 a.m. ๐Ÿ”„ Last Modified: Oct. 15, 2024, 6:20 p.m.

7.8

CVSS3.1

CVE-2024-47135 -

Stack-based buffer overflow vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may caโ€ฆ

๐Ÿ“… Published: Oct. 3, 2024, 2:53 a.m. ๐Ÿ”„ Last Modified: Oct. 15, 2024, 6:21 p.m.

7.8

CVSS3.1

CVE-2024-47134 -

Out-of-bounds write vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a deโ€ฆ

๐Ÿ“… Published: Oct. 3, 2024, 2:53 a.m. ๐Ÿ”„ Last Modified: Oct. 16, 2024, 1:50 p.m.
Total resulsts: 349182
Page 8411 of 34,919
ยซ previous page ยป next page
Filters