8.4

CVSS4.0

CVE-2024-47131 - Delta Electronics DIAScreen Stack-based Buffer Overflow

If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetObjectInfo can be exploited, allowing the attacker to remotely execute arbitrary code.

πŸ“… Published: Nov. 11, 2024, 2:53 p.m. πŸ”„ Last Modified: Jan. 30, 2025, 2:35 p.m.

5.3

CVSS4.0

CVE-2024-11070 - Sanluan PublicCMS Tag Type save cross site scripting

A vulnerability, which was classified as problematic, has been found in Sanluan PublicCMS 5.202406.d. This issue affects some unknown processing of the file /admin/cmsTagType/save of the component Tag Type Handler. The manipulation of the argument name leads to cross site scripting. The attack may …

πŸ“… Published: Nov. 11, 2024, 2:31 p.m. πŸ”„ Last Modified: Nov. 23, 2024, 1:31 a.m.

8.7

CVSS4.0

CVE-2024-10314 - Unauthenticated Denial of Service via Auto Generation Function

In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the auto-generation function was identified. Reported by Karol WiΔ™sek.

πŸ“… Published: Nov. 11, 2024, 2:11 p.m. πŸ”„ Last Modified: Jan. 29, 2025, 7:43 p.m.

8.7

CVSS4.0

CVE-2024-10344 - Unauthenticated Denial of Service via Refuse Function

In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the refuse function was identified. Reported by Karol WiΔ™sek.

πŸ“… Published: Nov. 11, 2024, 2:08 p.m. πŸ”„ Last Modified: Jan. 29, 2025, 7:41 p.m.

8.7

CVSS4.0

CVE-2024-10345 - Unauthenticated Denial of Service via Shutdown Function

In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Karol WiΔ™sek.

πŸ“… Published: Nov. 11, 2024, 1:28 p.m. πŸ”„ Last Modified: Jan. 29, 2025, 7:39 p.m.

3.3

CVSS3.0

CVE-2024-34015 -

Sensitive information disclosure during file browsing due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 1.8.3.818, Acronis Backup plugin for cPanel & WHM (Linux) before build 1.9.1.892.

πŸ“… Published: Nov. 11, 2024, 1:21 p.m. πŸ”„ Last Modified: Feb. 27, 2025, 11:15 p.m.

5.5

CVSS3.0

CVE-2024-34014 -

Arbitrary file overwrite during recovery due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 1.8.3.818, Acronis Backup plugin for cPanel & WHM (Linux) before build 1.9.1.892, Acronis Backup extension for Plesk (Lin…

πŸ“… Published: Nov. 11, 2024, 1:20 p.m. πŸ”„ Last Modified: Feb. 27, 2025, 11:15 p.m.

5.4

CVSS3.1

CVE-2024-43437 - Moodle: xss risk when restoring malicious course backup file

A flaw was found in moodle. Insufficient sanitizing of data when performing a restore could result in a cross-site scripting (XSS) risk from malicious backup files.

πŸ“… Published: Nov. 11, 2024, 12:19 p.m. πŸ”„ Last Modified: April 23, 2025, 9:28 p.m.

5.3

CVSS3.1

CVE-2024-43435 - Moodle: can create global glossary without being admin

A flaw was found in moodle. Insufficient capability checks make it possible for users with access to restore glossaries in courses to restore them into the global site glossary.

πŸ“… Published: Nov. 11, 2024, 12:17 p.m. πŸ”„ Last Modified: May 1, 2025, 4:09 p.m.

5.3

CVSS3.1

CVE-2024-43433 - Moodle: matrix user/power level management not always working as expected with suspended users

A flaw was found in moodle. Matrix room membership and power levels are incorrectly applied and revoked for suspended Moodle users.

πŸ“… Published: Nov. 11, 2024, 12:16 p.m. πŸ”„ Last Modified: May 1, 2025, 4:09 p.m.
Total resulsts: 344009
Page 7428 of 34,401
Β« previous page Β» next page
Filters