8.7

CVSS4.0

CVE-2024-41725 - Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE Cross-site Scripting

ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input fields that are used to render pages which may allow cross site scripting.

πŸ“… Published: Sept. 24, 2024, 11:44 p.m. πŸ”„ Last Modified: Sept. 30, 2024, 7:55 p.m.

8.7

CVSS4.0

CVE-2024-8497 - Franklin Fueling Systems TS-550 EVO Absolute Path Traversal

Franklin Fueling Systems TS-550 EVO versions prior to 2.26.4.8967 possess a file that can be read arbitrarily that could allow an attacker obtain administrator credentials.

πŸ“… Published: Sept. 24, 2024, 11:35 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

0.0

CVE-2024-9171 -

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.

πŸ“… Published: Sept. 24, 2024, 10:10 p.m. πŸ”„ Last Modified: Sept. 27, 2024, 5:15 p.m.

4.6

CVSS4.0

CVE-2024-7398 - Concrete CMS Stored XSS Vulnerability in Calendar Event Addition Feature

Concrete CMS versions 9 through 9.3.3 and versions below 8.5.19 are vulnerable to stored XSS in the calendar event addition feature because the calendar event name was not sanitized on output. Users or groups with permission to create event calendars can embed scripts, and users or groups with perm…

πŸ“… Published: Sept. 24, 2024, 9:30 p.m. πŸ”„ Last Modified: Jan. 21, 2025, 12:15 a.m.

5.1

CVSS4.0

CVE-2024-8291 - Concrete CMS Stored XSS in Image Editor Background Color

Concrete CMS versions 9.0.0 to 9.3.3 and below 8.5.19 are vulnerable to Stored XSS in Image Editor Background Color.Β  A rogue admin could add malicious code to the Thumbnails/Add-Type. The Concrete CMS Security Team gave this a CVSS v4 score of 5.1 with vector https://www.first.org/cvss/calculato…

πŸ“… Published: Sept. 24, 2024, 9:17 p.m. πŸ”„ Last Modified: Jan. 17, 2025, 10:15 p.m.

0.0

CVE-2024-9168 -

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.

πŸ“… Published: Sept. 24, 2024, 7:36 p.m. πŸ”„ Last Modified: April 14, 2026, 12:36 p.m.

8.8

CVSS3.1

CVE-2024-9123 -

Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

πŸ“… Published: Sept. 24, 2024, 6:44 p.m. πŸ”„ Last Modified: Nov. 20, 2025, 7:16 p.m.

8.8

CVSS3.1

CVE-2024-9122 -

Type Confusion in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

πŸ“… Published: Sept. 24, 2024, 6:44 p.m. πŸ”„ Last Modified: Jan. 2, 2025, 4:06 p.m.

8.8

CVSS3.1

CVE-2024-9121 -

Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

πŸ“… Published: Sept. 24, 2024, 6:44 p.m. πŸ”„ Last Modified: Jan. 2, 2025, 4:06 p.m.

8.8

CVSS3.1

CVE-2024-9120 -

Use after free in Dawn in Google Chrome on Windows prior to 129.0.6668.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

πŸ“… Published: Sept. 24, 2024, 6:44 p.m. πŸ”„ Last Modified: Jan. 2, 2025, 4:55 p.m.
Total resulsts: 349182
Page 8484 of 34,919
Β« previous page Β» next page
Filters