5.3
CVE-2023-45009 - WordPress Captcha for Contact Form 7 plugin <= 1.11.3 - Capcha Bypass vulnerability
Improper Restriction of Excessive Authentication Attempts vulnerability in Forge12 Interactive GmbH Captcha/Honeypot for Contact Form 7 allows Functionality Bypass.This issue affects Captcha/Honeypot for Contact Form 7: from n/a through 1.11.3.
7.8
CVE-2023-5751 - CODESYS: Development system prone to DoS through exposure of resource to wrong sphere
A local attacker with low privileges can read and modify any users files and cause a DoS in the working directory of the affected products due to exposure of resource to wrong sphere.ย
7.5
CVE-2024-5000 - CODESYS: Incorrect calculation of buffer size can cause DoS on CODESYS OPC UA products
An unauthenticated remote attacker can use aย malicious OPC UA client to send a crafted request to affected CODESYS products which can cause a DoS due to incorrect calculation of buffer size.
6.4
CVE-2024-4581 - Slider Revolution <= 6.7.11 - Authenticated (Author+) Stored Cross-Site Scripting via Add Layer claโฆ
The Slider Revolution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Add Layer widget in all versions up to, and including, 6.7.11 due to insufficient input sanitization and output escaping on the user supplied 'class', 'id', and 'title' attributes. This makes itโฆ
7.1
CVE-2024-5422 - Denial of Service
An uncontrolled resource consumption of file descriptors in SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, SEH Computertechnik INU-100 allows DoS via HTTP.This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below.
8.7
CVE-2024-5421 - Authenticated Command Injection
Missing input validation and OS command integration of the input in the utnserver Pro, utnserver ProMAX, INU-100 web-interface allows authenticated command injection.This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below.
8.3
CVE-2024-5420 - Stored Cross-Site Scripting in SEH Computertechnik utnserver Pro
Missing input validation in theย SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, SEH Computertechnik INU-100 web-interfaceย allows stored Cross-Site Scripting (XSS)..This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below.
5.3
CVE-2023-44235 - WordPress WP Captcha plugin <= 2.0.0 - Captcha Bypass vulnerability
Improper Restriction of Excessive Authentication Attempts vulnerability in Devnath verma WP Captcha allows Functionality Bypass.This issue affects WP Captcha: from n/a through 2.0.0.
9.1
CVE-2024-4253 - Command Injection in gradio-app/gradio
A command injection vulnerability exists in the gradio-app/gradio repository, specifically within the 'test-functional.yml' workflow. The vulnerability arises due to improper neutralization of special elements used in a command, allowing for unauthorized modification of the base repository or secreโฆ
9.1
CVE-2024-36104 - Apache OFBiz: Path traversal leading to a RCE
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz.ย This issue affects Apache OFBiz: before 18.12.14. Users are recommended to upgrade to version 18.12.14, which fixes the issue.