6.4

CVSS3.1

CVE-2024-4392 - Jetpack – WP Security, Backup, Speed, & Growth <= 13.3.1 - Authenticated (Contributor+) Stored Cros…

The Jetpack – WP Security, Backup, Speed, & Growth plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpvideo shortcode in all versions up to, and including, 13.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it …

📅 Published: May 14, 2024, 8:32 a.m. 🔄 Last Modified: April 8, 2026, 5:18 p.m.

7.8

CVSS3.1

CVE-2024-28137 - PHOENIX CONTACT: privilege escalation due to a TOCTOU vulnerability in the CHARX Series

A local attacker with low privileges can perform a privilege escalation with an init script due to a TOCTOU vulnerability.

📅 Published: May 14, 2024, 8:10 a.m. 🔄 Last Modified: Jan. 23, 2025, 6:55 p.m.

7.8

CVSS3.1

CVE-2024-28136 - PHOENIX CONTACT: command injection gains root privileges using the OCPP remote service

A local attacker with low privileges can use a command injection vulnerability to gain root privileges due to improper input validation using the OCPP Remote service.

📅 Published: May 14, 2024, 8:09 a.m. 🔄 Last Modified: Jan. 24, 2025, 7:15 a.m.

5

CVSS3.1

CVE-2024-28135 - PHOENIX CONTACT: command injection vulnerability in the API of the CHARX Series

A low privileged remote attacker can use a command injection vulnerability in the API which performs remote code execution as the user-app user due to improper input validation. The confidentiality is partly affected.

📅 Published: May 14, 2024, 8:09 a.m. 🔄 Last Modified: Jan. 24, 2025, 7:15 a.m.

7

CVSS3.1

CVE-2024-28134 - PHOENIX CONTACT: MitM attack gains privileges of the current logged in user in CHARX Series

An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-based management access with the privileges of the currently logged in user due to cleartext transmission of sensitive information. No additi…

📅 Published: May 14, 2024, 8:09 a.m. 🔄 Last Modified: Jan. 23, 2025, 6:53 p.m.

7.8

CVSS3.1

CVE-2024-28133 - PHOENIX CONTACT: Privilege escalation in CHARX Series

A local low privileged attacker can use an untrusted search path in a CHARX system utility to gain root privileges. 

📅 Published: May 14, 2024, 8:09 a.m. 🔄 Last Modified: Jan. 23, 2025, 6:51 p.m.

6.2

CVSS3.1

CVE-2024-25969 -

Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an allocation of resources without limits or throttling vulnerability. A local unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.

📅 Published: May 14, 2024, 7:24 a.m. 🔄 Last Modified: Feb. 20, 2026, 6:38 p.m.

6.1

CVSS3.1

CVE-2024-25965 -

Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an external control of file name or path vulnerability. A local high privilege attacker could potentially exploit this vulnerability, leading to denial of service.

📅 Published: May 14, 2024, 7:16 a.m. 🔄 Last Modified: Feb. 20, 2026, 6:38 p.m.

5.3

CVSS3.1

CVE-2024-25966 -

Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an improper handling of unexpected data type vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.

📅 Published: May 14, 2024, 7:07 a.m. 🔄 Last Modified: Feb. 20, 2026, 6:38 p.m.

6.5

CVSS3.1

CVE-2024-25970 -

Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an improper input validation vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to loss of integrity.

📅 Published: May 14, 2024, 6:53 a.m. 🔄 Last Modified: Feb. 20, 2026, 6:38 p.m.
Total results: 349182