Lucene search

K

Royal Elementor Addons (Elementor Templates, Post Grid, Mega Menu & Header Footer Builder, WooCommerce Builder, Product Grid, Slider, Parallax Image & Other Free Elementor Widgets) Security Vulnerabilities

cvelist
cvelist

CVE-2024-23159

A maliciously crafted STP file, when parsed in stp_aim_x64_vc15d.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current...

0.001EPSS

2024-06-25 03:33 AM
3
thn
thn

Multiple WordPress Plugins Compromised: Hackers Create Rogue Admin Accounts

Multiple WordPress plugins have been backdoored to inject malicious code that makes it possible to create rogue administrator accounts with the aim of performing arbitrary actions. "The injected malware attempts to create a new administrative user account and then sends those details back to the...

7.2AI Score

2024-06-25 03:32 AM
9
cvelist
cvelist

CVE-2024-23158

A maliciously crafted IGES file, when parsed in ASMImport229A.dll through Autodesk applications, can be used to cause a use-after-free vulnerability. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current...

0.001EPSS

2024-06-25 03:31 AM
3
vulnrichment
vulnrichment

CVE-2024-23158

A maliciously crafted IGES file, when parsed in ASMImport229A.dll through Autodesk applications, can be used to cause a use-after-free vulnerability. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current...

7.5AI Score

0.001EPSS

2024-06-25 03:31 AM
cvelist
cvelist

CVE-2024-23157

A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current...

0.001EPSS

2024-06-25 03:30 AM
2
cvelist
cvelist

CVE-2024-6297 Several WordPress.org Plugins <= Various Versions - Injected Backdoor

Several plugins for WordPress hosted on WordPress.org have been compromised and injected with malicious PHP scripts. A malicious threat actor compromised the source code of various plugins and injected code that exfiltrates database credentials and is used to create new, malicious, administrator...

10CVSS

0.001EPSS

2024-06-25 03:30 AM
19
cvelist
cvelist

CVE-2024-23156

A maliciously crafted 3DM file, when parsed in opennurbs.dll and ASMkern229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current...

0.001EPSS

2024-06-25 03:30 AM
11
cvelist
cvelist

CVE-2024-37006

A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current...

0.001EPSS

2024-06-25 03:15 AM
5
vulnrichment
vulnrichment

CVE-2024-37006

A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current...

7.5AI Score

0.001EPSS

2024-06-25 03:15 AM
nvd
nvd

CVE-2024-37000

A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current...

0.001EPSS

2024-06-25 03:15 AM
2
cve
cve

CVE-2024-37002

A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current...

7.5AI Score

0.001EPSS

2024-06-25 03:15 AM
4
nvd
nvd

CVE-2024-6295

udn News Android APP stores the unencrypted user session in the local database when user log into the application. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by...

3.9CVSS

0.0004EPSS

2024-06-25 03:15 AM
4
cve
cve

CVE-2024-37000

A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current...

7.8AI Score

0.001EPSS

2024-06-25 03:15 AM
5
nvd
nvd

CVE-2024-23148

A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current...

0.0004EPSS

2024-06-25 03:15 AM
3
cve
cve

CVE-2024-23148

A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current...

7.5AI Score

0.0004EPSS

2024-06-25 03:15 AM
4
cve
cve

CVE-2024-6295

udn News Android APP stores the unencrypted user session in the local database when user log into the application. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by...

3.9CVSS

4.3AI Score

0.0004EPSS

2024-06-25 03:15 AM
6
nvd
nvd

CVE-2024-37002

A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current...

0.001EPSS

2024-06-25 03:15 AM
3
nvd
nvd

CVE-2024-23147

A maliciously crafted CATPART, X_B and STEP, when parsed in ASMKERN228A.dll and ASMKERN229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the...

0.001EPSS

2024-06-25 03:15 AM
3
cve
cve

CVE-2024-23147

A maliciously crafted CATPART, X_B and STEP, when parsed in ASMKERN228A.dll and ASMKERN229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the...

7.1AI Score

0.001EPSS

2024-06-25 03:15 AM
7
vulnrichment
vulnrichment

CVE-2024-37004

A maliciously crafted SLDPRT file, when parsed in ASMKERN229A.dll through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current...

7.3AI Score

0.001EPSS

2024-06-25 03:13 AM
cvelist
cvelist

CVE-2024-37004

A maliciously crafted SLDPRT file, when parsed in ASMKERN229A.dll through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current...

0.001EPSS

2024-06-25 03:13 AM
1
vulnrichment
vulnrichment

CVE-2024-37002

A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current...

7.2AI Score

0.001EPSS

2024-06-25 03:07 AM
cvelist
cvelist

CVE-2024-37002

A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current...

0.001EPSS

2024-06-25 03:07 AM
1
ibm
ibm

Security Bulletin: Storage Virtualize Ansible Collection is affected by a vulnerability in the cryptography package

Summary Storage Virtualize Ansible Collection uses the cryptography package to provide common cryptographic algorithms. Version 41.0.7 of cryptography package is vulnerable to CVE-2023-50782. Vulnerability Details ** CVEID: CVE-2023-50782 DESCRIPTION: **Python Cryptographic Authority cryptography.....

7.5CVSS

6.4AI Score

0.001EPSS

2024-06-25 03:06 AM
1
cvelist
cvelist

CVE-2024-37000

A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current...

0.001EPSS

2024-06-25 03:01 AM
2
vulnrichment
vulnrichment

CVE-2024-37000

A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current...

7.4AI Score

0.001EPSS

2024-06-25 03:01 AM
openbugbounty
openbugbounty

subiaco.de Cross Site Scripting vulnerability OBB-3938506

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 02:53 AM
2
openbugbounty
openbugbounty

umsdental.com Cross Site Scripting vulnerability OBB-3938504

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 02:46 AM
4
cvelist
cvelist

CVE-2024-23148

A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current...

0.0004EPSS

2024-06-25 02:42 AM
4
vulnrichment
vulnrichment

CVE-2024-23148

A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current...

7.5AI Score

0.0004EPSS

2024-06-25 02:42 AM
openbugbounty
openbugbounty

central-kino-rottweil.de Cross Site Scripting vulnerability OBB-3938502

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 02:33 AM
2
cvelist
cvelist

CVE-2024-23147

A maliciously crafted CATPART, X_B and STEP, when parsed in ASMKERN228A.dll and ASMKERN229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the...

0.001EPSS

2024-06-25 02:32 AM
3
vulnrichment
vulnrichment

CVE-2024-23147

A maliciously crafted CATPART, X_B and STEP, when parsed in ASMKERN228A.dll and ASMKERN229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the...

7.4AI Score

0.001EPSS

2024-06-25 02:32 AM
openbugbounty
openbugbounty

fewo-cottbus.com Cross Site Scripting vulnerability OBB-3938501

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 02:21 AM
2
nvd
nvd

CVE-2024-23141

A maliciously crafted MODEL file, when parsed in libodxdll through Autodesk applications, can cause a double free. This vulnerability, along with other vulnerabilities, can lead to code execution in the current...

0.001EPSS

2024-06-25 02:15 AM
4
cve
cve

CVE-2024-23141

A maliciously crafted MODEL file, when parsed in libodxdll through Autodesk applications, can cause a double free. This vulnerability, along with other vulnerabilities, can lead to code execution in the current...

7.3AI Score

0.001EPSS

2024-06-25 02:15 AM
4
cve
cve

CVE-2024-23142

A maliciously crafted CATPART, STP, and MODEL file, when parsed in atf_dwg_consumer.dll, rose_x64_vc15.dll and libodxdll through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, can lead to code execution in the current...

7.2AI Score

0.001EPSS

2024-06-25 02:15 AM
3
cve
cve

CVE-2024-6294

udn News Android APP stores the user session in logcat file when user log into the APP. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by...

3.9CVSS

4AI Score

0.0004EPSS

2024-06-25 02:15 AM
5
nvd
nvd

CVE-2024-23142

A maliciously crafted CATPART, STP, and MODEL file, when parsed in atf_dwg_consumer.dll, rose_x64_vc15.dll and libodxdll through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, can lead to code execution in the current...

0.001EPSS

2024-06-25 02:15 AM
3
nvd
nvd

CVE-2024-6294

udn News Android APP stores the user session in logcat file when user log into the APP. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by...

3.9CVSS

0.0004EPSS

2024-06-25 02:15 AM
4
vulnrichment
vulnrichment

CVE-2024-6295 udn News App - Insecure Data Storage

udn News Android APP stores the unencrypted user session in the local database when user log into the application. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by...

3.9CVSS

6.7AI Score

0.0004EPSS

2024-06-25 02:13 AM
1
cvelist
cvelist

CVE-2024-6295 udn News App - Insecure Data Storage

udn News Android APP stores the unencrypted user session in the local database when user log into the application. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by...

3.9CVSS

0.0004EPSS

2024-06-25 02:13 AM
2
openbugbounty
openbugbounty

finster-essen.de Cross Site Scripting vulnerability OBB-3938500

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 02:06 AM
3
cvelist
cvelist

CVE-2024-6294 udn News App - Sensitive Information Exposure

udn News Android APP stores the user session in logcat file when user log into the APP. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by...

3.9CVSS

0.0004EPSS

2024-06-25 01:58 AM
3
vulnrichment
vulnrichment

CVE-2024-6294 udn News App - Sensitive Information Exposure

udn News Android APP stores the user session in logcat file when user log into the APP. A malicious APP or an attacker with physical access to the Android device can retrieve this session and use it to log into the news APP and other services provided by...

3.9CVSS

6.8AI Score

0.0004EPSS

2024-06-25 01:58 AM
openbugbounty
openbugbounty

schreibenmitstil.de Cross Site Scripting vulnerability OBB-3938499

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 01:57 AM
4
openbugbounty
openbugbounty

whtours.com Cross Site Scripting vulnerability OBB-3938498

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 01:49 AM
5
openbugbounty
openbugbounty

abovecrm.cslsj.qc.ca Cross Site Scripting vulnerability OBB-3938497

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-06-25 01:30 AM
5
vulnrichment
vulnrichment

CVE-2024-23142

A maliciously crafted CATPART, STP, and MODEL file, when parsed in atf_dwg_consumer.dll, rose_x64_vc15.dll and libodxdll through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, can lead to code execution in the current...

7.2AI Score

0.001EPSS

2024-06-25 01:24 AM
1
cvelist
cvelist

CVE-2024-23142

A maliciously crafted CATPART, STP, and MODEL file, when parsed in atf_dwg_consumer.dll, rose_x64_vc15.dll and libodxdll through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, can lead to code execution in the current...

0.001EPSS

2024-06-25 01:24 AM
1
Total number of security vulnerabilities1799688