VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-10-17
CVE-2024-49579
Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2024.3.47197 insecure plugin iframe allowed arbitrary JavaScript execution and unauthorized API requests
network
low complexity
jetbrains
6.1
6.1
2024-10-17
CVE-2024-49580
Unspecified vulnerability in Jetbrains Ktor
In JetBrains Ktor before 3.0.0 improper caching in HttpCache Plugin could lead to response information disclosure
network
low complexity
jetbrains
5.3
5.3
2024-10-17
CVE-2024-45713
SolarWinds Kiwi CatTools is susceptible to a sensitive data disclosure vulnerability when a non-default setting has been enabled for troubleshooting purposes.
local
high complexity
CWE-209
5.1
5.1
2024-10-17
CVE-2024-9898
The Parallax Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's dd-parallax shortcode in all versions up to, and including, 1.8 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
6.4
6.4
2024-10-17
CVE-2024-49386
Privacy Violation vulnerability in Acronis Cyber Files
Sensitive information disclosure due to spell-jacking.
low complexity
acronis
CWE-359
5.7
5.7
2024-10-17
CVE-2024-49389
Incorrect Default Permissions vulnerability in Acronis Cyber Files
Local privilege escalation due to insecure folder permissions.
local
low complexity
acronis
CWE-276
7.8
7.8
2024-10-17
CVE-2024-49390
Uncontrolled Search Path Element vulnerability in Acronis Cyber Files
Local privilege escalation due to DLL hijacking vulnerability.
local
low complexity
acronis
CWE-427
7.3
7.3
2024-10-17
CVE-2024-49391
Uncontrolled Search Path Element vulnerability in Acronis Cyber Files
Local privilege escalation due to DLL hijacking vulnerability.
local
low complexity
acronis
CWE-427
7.3
7.3
2024-10-17
CVE-2024-49392
Cross-site Scripting vulnerability in Acronis Cyber Files
Stored cross-site scripting (XSS) vulnerability on enrollment invitation page.
network
low complexity
acronis
CWE-79
4.8
4.8
2024-10-17
CVE-2024-8920
The Fonto – Custom Web Fonts Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.4
6.4
«
Previous
1
2
...
274
275
276
(current)
277
278
...
15605
15606
»
Next