Latest CVE Feed
-
6.8
MEDIUMCVE-2024-47496
A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS). When a specific command is executed, the pfe crashes. This will cause ... Read more
Affected Products : junos- Published: Oct. 11, 2024
- Modified: Oct. 15, 2024
-
8.2
HIGHCVE-2024-47506
A Deadlock vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a large amount of traffic is processed by ATP Cloud inspe... Read more
Affected Products : junos- Published: Oct. 11, 2024
- Modified: Oct. 15, 2024
-
6.9
MEDIUMCVE-2024-47507
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an integrity impact to the downstream d... Read more
- Published: Oct. 11, 2024
- Modified: Oct. 15, 2024
-
8.2
HIGHCVE-2024-47490
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network based attacker to cause increased consump... Read more
Affected Products : junos_os_evolved- Published: Oct. 11, 2024
- Modified: Oct. 15, 2024
-
6.8
MEDIUMCVE-2024-47501
A NULL Pointer Dereference vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX304, MX with MPC10/11/LC9600, and EX9200 with EX9200-15C allows a locally authenticated attacker with low privileges to cause a Denial of Se... Read more
Affected Products : junos- Published: Oct. 11, 2024
- Modified: Oct. 15, 2024
-
7.1
HIGHCVE-2024-47498
An Unimplemented or Unsupported Feature in UI vulnerability in the CLI of Juniper Networks Junos OS Evolved on QFX5000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). Several configuration statements meant to enfor... Read more
Affected Products : junos_os_evolved- Published: Oct. 11, 2024
- Modified: Oct. 15, 2024
-
4.7
MEDIUMCVE-2024-47354
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in smp7, wp.Insider Simple Membership After Login Redirection.This issue affects Simple Membership After Login Redirection: from n/a through 1.6.... Read more
Affected Products :- Published: Oct. 10, 2024
- Modified: Oct. 15, 2024
-
5.1
MEDIUMCVE-2024-6157
An attacker who successfully exploited these vulnerabilities could cause the robot to stop. A vulnerability exists in the PROFINET stack included in the RobotWare versions listed below. This vulnerability arises under specific condition when speciall... Read more
Affected Products :- Published: Oct. 10, 2024
- Modified: Oct. 15, 2024
-
6.4
MEDIUMCVE-2024-9051
The WP Ultimate Post Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpupg-grid-with-filters shortcode in all versions up to, and including, 3.9.3 due to insufficient input sanitization and output escaping on user s... Read more
Affected Products :- Published: Oct. 11, 2024
- Modified: Oct. 15, 2024
-
8.7
HIGHCVE-2024-47499
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). In a scena... Read more
- Published: Oct. 11, 2024
- Modified: Oct. 15, 2024
-
9.8
CRITICALCVE-2024-46088
An arbitrary file upload vulnerability in the ProductAction.entphone interface of Zhejiang University Entersoft Customer Resource Management System v2002 to v2024 allows attackers to execute arbitrary code via uploading a crafted file.... Read more
Affected Products :- Published: Oct. 11, 2024
- Modified: Oct. 15, 2024
-
7.8
HIGHCVE-2024-33579
A DLL hijack vulnerability was reported in Lenovo Baiying that could allow a local attacker to execute code with elevated privileges.... Read more
Affected Products : baiying- Published: Oct. 11, 2024
- Modified: Oct. 15, 2024
-
6.1
MEDIUMCVE-2024-9436
The PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, a... Read more
Affected Products :- Published: Oct. 11, 2024
- Modified: Oct. 15, 2024
-
7.8
HIGHCVE-2024-33581
A DLL hijack vulnerability was reported in Lenovo PC Manager AI intelligent scenario that could allow a local attacker to execute code with elevated privileges.... Read more
Affected Products : pcmanager- Published: Oct. 11, 2024
- Modified: Oct. 15, 2024
-
8.8
HIGHCVE-2024-48813
SQL injection vulnerability in employee-management-system-php-and-mysql-free-download.html taskmatic 1.0 allows a remote attacker to execute arbitrary code via the admin_id parameter of the /update-employee.php component.... Read more
Affected Products :- Published: Oct. 11, 2024
- Modified: Oct. 15, 2024
-
4.3
MEDIUMCVE-2024-9538
The ShopLentor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.8 via the 'render' function in includes/addons/wl_faq.php. This makes it possible for authenticated attackers, with Contributor-l... Read more
Affected Products : woolentor_-_woocommerce_elementor_addons_\+_builder- Published: Oct. 11, 2024
- Modified: Oct. 15, 2024
-
6.1
MEDIUMCVE-2024-9211
The FULL – Cliente plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.1.22. This makes it possible for una... Read more
Affected Products :- Published: Oct. 11, 2024
- Modified: Oct. 15, 2024
-
7.2
HIGHCVE-2024-8531
CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that could compromise the Data Center Expert software when an upgrade bundle is manipulated to include arbitrary bash scripts that are executed as root.... Read more
Affected Products : data_center_expert- Published: Oct. 11, 2024
- Modified: Oct. 15, 2024
-
7.8
HIGHCVE-2024-33580
A DLL hijack vulnerability was reported in Lenovo Personal Cloud that could allow a local attacker to execute code with elevated privileges.... Read more
Affected Products :- Published: Oct. 11, 2024
- Modified: Oct. 15, 2024
-
7.8
HIGHCVE-2024-9002
CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access, loss of confidentiality, integrity, and availability of the workstation when non-admin authenticated user tries to perform privilege escalation by tampering ... Read more
Affected Products : easergy_studio- Published: Oct. 11, 2024
- Modified: Oct. 15, 2024