Latest high severity Vulnerabilities

WordPress ARForms Form Builder plugin <= 1.6.1 - Broken Access Control vulnerability
WordPress Rolo Slider plugin <= 1.0.9 - Broken Access Control vulnerability
WordPress Stockholm Core plugin <= 2.4.1 - Reflected Cross Site Scripting (XSS) vulnerability
Cross-Site Scripting Vulnerability in Lunar
VMware Avi Load Balancer updates address multiple vulnerabilities
The Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.2. This is due to insufficient verification on the OpenID server being supplied durin...
The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an incorrect local authentication flaw. An attacker accessing the VM where the Brocade SANnav is installed can g...
(0Day) Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
Maxon Cinema 4D
D-Link DAP-2622 DDP Set Date-Time NTP Server Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622
D-Link DAP-2622 DDP Firmware Upgrade Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622
D-Link DAP-2622 DDP Firmware Upgrade Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622
Bentley View FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
Bentley View
NETGEAR CAX30S SSO Command Injection Remote Code Execution Vulnerability
NETGEAR CAX30S
Bentley View SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Bentley View
Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
Bentley View
(Pwn2Own) Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability
Triangle MicroWorks SCADA Data Gateway
BMC Track-It! Unrestricted File Upload Remote Code Execution Vulnerability
BMC Track-It!
NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability
NETGEAR Multiple Routers
Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability
Linux kernel
Foxit PDF Reader transitionToState Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Reader
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Reader
Foxit PDF Reader JPG2000 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
Foxit PDF Reader
Foxit PDF Editor transitionToState Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Editor
Foxit PDF Editor Line Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Editor
Foxit PDF Editor FileAttachment Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Editor
Foxit PDF Editor Squiggly Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Editor
Foxit PDF Editor Polygon Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Editor
Foxit PDF Editor PolyLine Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Editor
Foxit PDF Editor Caret Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Editor
Foxit PDF Editor Ink Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Editor
Foxit PDF Editor Circle Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Editor
Foxit PDF Editor Square Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Editor
Foxit PDF Editor Text Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Editor
Foxit PDF Editor Highlight Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Editor
Foxit PDF Editor Underline Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Editor
Foxit PDF Editor StrikeOut Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Editor
Foxit PDF Editor Stamp Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Editor
Foxit PDF Reader Annotation Use of Uninitialized Variable Remote Code Execution Vulnerability
Foxit PDF Reader
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Reader
Foxit PDF Reader Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability
Foxit PDF Reader
Foxit PDF Reader Square Annotation Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Reader
NETGEAR R7800 net-cgi Out-Of-Bounds Write Remote Code Execution Vulnerability
NETGEAR R7800
Deno contains a permission escalation via open of privileged files with missing `--deny` flag
rust/deno<1.43.1
If PDF.js is used to load a malicious PDF, and PDF.js is configured with `isEvalSupported` set to `true` (which is the default value), unrestricted attacker-controlled JavaScript will be ...
npm/react-pdf>=8.0.0<8.0.2
npm/react-pdf<7.7.3
An Improper Certificate Validation could allow a malicious actor with access to an adjacent network to take control of the system. Affected Products: UniFi Connect Application (Version 3.7.9 and...
Suricata's http2 parser contains improper compressed header handling that can lead to resource starvation
react-pdf's PDF.js vulnerable to arbitrary JavaScript execution upon opening a malicious PDF
npm/react-pdf>=8.0.0<8.0.2
npm/react-pdf<7.7.3
GLPI contains an authenticated SQL injection
GLPI contains an SQL injection through the saved searches
Minder's `HandleGithubWebhook` is susceptible to a denial of service attack from an untrusted HTTP request. The vulnerability exists before the request has been validated, and as such the request is s...
go/github.com/stacklok/minder<0.20240507.2061

© 2024 SecAlerts Pty Ltd.