Show filters
329,738 Total Results
Displaying 2,811-2,820 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Unknown
CVE-2024-47396
Disclosure Date: October 01, 2024 (last updated October 01, 2024)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Elementor: from n/a through 1.3.3.
0
Attacker Value
Unknown
CVE-2024-9194
Disclosure Date: September 30, 2024 (last updated October 01, 2024)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Linux and Microsoft Windows Octopus Server on Windows, Linux allows SQL Injection.This issue affects Octopus Server: from 2024.1.0 before 2024.1.13038, from 2024.2.0 before 2024.2.9482, from 2024.3.0 before 2024.3.12766.
0
Attacker Value
Unknown
CVE-2024-45073
Disclosure Date: September 30, 2024 (last updated October 01, 2024)
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
0
Attacker Value
Unknown
CVE-2024-7675
Disclosure Date: September 30, 2024 (last updated October 08, 2024)
A maliciously crafted DWF file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Use-After-Free. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.
0
Attacker Value
Unknown
CVE-2024-7674
Disclosure Date: September 30, 2024 (last updated October 08, 2024)
A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.
0
Attacker Value
Unknown
CVE-2024-7673
Disclosure Date: September 30, 2024 (last updated October 08, 2024)
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.
0
Attacker Value
Unknown
CVE-2024-7672
Disclosure Date: September 30, 2024 (last updated October 08, 2024)
A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
0
Attacker Value
Unknown
CVE-2024-7671
Disclosure Date: September 30, 2024 (last updated October 08, 2024)
A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
0
Attacker Value
Unknown
CVE-2024-7670
Disclosure Date: September 30, 2024 (last updated October 08, 2024)
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
0
Attacker Value
Unknown
CVE-2024-46503
Disclosure Date: September 30, 2024 (last updated October 12, 2024)
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
0