Vulnerabilities

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2024-10-03 | CVE-2024-47617 | Cross-site Scripting vulnerability in Sulu 2.5.20/2.6.4 | Sulu is a PHP content management system. | network | low | sulu | CWE-79 | 6.1 |
| 2024-10-03 | CVE-2024-47618 | Cross-site Scripting vulnerability in Sulu | Sulu is a PHP content management system. | network | low | sulu | CWE-79 | 5.4 |
| 2024-10-03 | CVE-2024-9460 | SQL Injection vulnerability in Codezips Online Shopping Portal 1.0 | A vulnerability was found in Codezips Online Shopping Portal 1.0. | network | low | codezips | CWE-89 | 9.8 (critical) |
| 2024-10-03 | CVE-2024-8159 | Deep Freeze 9.00.020.5760 is vulnerable to an out-of-bounds read vulnerability by triggering the 0x70014 IOCTL code of the FarDisk.sys driver. | | local | high | | CWE-125 | 6.4 |
| 2024-10-03 | CVE-2024-8352 | Path Traversal vulnerability in Hypestudio Social web Suite | The Social Web Suite – Social Media Auto Post, Social Media Auto Publish plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.1.11 via the download_log function. | network | low | hypestudio | CWE-22 | 7.5 |
| 2024-10-03 | CVE-2024-47134 | Out-of-bounds Write vulnerability in Electronics.Jtekt Kostac PLC Programming Software | Out-of-bounds write vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. | local | low | electronics-jtekt | CWE-787 | 7.8 |
| 2024-10-03 | CVE-2024-47135 | Out-of-bounds Write vulnerability in Jtekt Kostac PLC 1.6.10.0/1.6.11.0/1.6.9.0 | Stack-based buffer overflow vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. | local | low | jtekt | CWE-787 | 7.8 |
| 2024-10-03 | CVE-2024-47136 | Out-of-bounds Read vulnerability in Jtekt Kostac PLC 1.6.10.0/1.6.11.0/1.6.9.0 | Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. | local | low | jtekt | CWE-125 | 7.8 |
| 2024-10-02 | CVE-2024-45519 | Unspecified vulnerability in Zimbra Collaboration | The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands. | network | low | zimbra | | 9.8 (critical) |
| 2024-10-02 | CVE-2024-24117 | Incorrect Permission Assignment for Critical Resource vulnerability in Ruijie Rg-Nbs2009G-P Firmware 10.4(1)P2Release(9736) | Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows a remote attacker to gain privileges via the login check state component. | network | low | ruijie | CWE-732 | 9.8 (critical) |