Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-04 | CVE-2024-47657 | Authorization Bypass Through User-Controlled Key vulnerability in Shilpisoft NET Back Office This vulnerability exists in the Shilpi Net Back Office due to improper access controls on certain API endpoints. | 6.5 |
| 2024-10-04 | CVE-2024-8499 | Cross-site Scripting vulnerability in Themehigh Checkout Field Editor The Checkout Field Editor (Checkout Manager) for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘render_review_request_notice’ function in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-10-04 | CVE-2024-9481 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing. | 5.5 |
| 2024-10-04 | CVE-2024-9482 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing. | 5.5 |
| 2024-10-04 | CVE-2024-9483 | NULL Pointer Dereference vulnerability in multiple products A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application during processing. | 5.5 |
| 2024-10-04 | CVE-2024-9484 | NULL Pointer Dereference vulnerability in multiple products An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing. | 5.5 |
| 2024-10-04 | CVE-2024-9513 | Information Exposure Through Discrepancy vulnerability in Netadmin IAM A vulnerability was found in Netadmin Software NetAdmin IAM up to 3.5 and classified as problematic. | 3.7 |
| 2024-10-04 | CVE-2024-47651 | Unspecified vulnerability in Shilpi Client Dashboard This vulnerability exists in Shilpi Client Dashboard due to improper handling of multiple parameters in the API endpoint. | 6.5 |
| 2024-10-04 | CVE-2024-6400 | Cleartext Storage of Sensitive Information vulnerability in Finrota Cleartext Storage of Sensitive Information vulnerability in Finrota Netahsilat allows Retrieve Embedded Sensitive Data.This issue solved in versions 1.21.10, 1.23.01, 1.23.08, 1.23.11 and 1.24.03. | 7.5 |
| 2024-10-04 | CVE-2024-9071 | Cross-site Scripting vulnerability in Sigmadevs Easy Demo Importer The Easy Demo Importer – A Modern One-Click Demo Import Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. | 5.4 |