Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-30 | CVE-2024-31152 | Allocation of Resources Without Limits or Throttling vulnerability in Level1 Wbr-6012 Firmware R0.40E6 The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation within its web application, where a series of crafted HTTP requests can cause a reboot. | 7.5 |
| 2024-10-30 | CVE-2024-32946 | Unspecified vulnerability in Level1 Wbr-6012 Firmware R0.40E6 A vulnerability in the LevelOne WBR-6012 router's firmware version R0.40e6 allows sensitive information to be transmitted in cleartext via Web and FTP services, exposing it to network sniffing attacks. | 5.9 |
| 2024-10-30 | CVE-2024-33623 | Unspecified vulnerability in Level1 Wbr-6012 Firmware R0.40E6 A denial of service vulnerability exists in the Web Application functionality of LevelOne WBR-6012 R0.40e6. | 7.5 |
| 2024-10-30 | CVE-2024-33699 | Unspecified vulnerability in Level1 Wbr-6012 Firmware R0.40E6 The LevelOne WBR-6012 router's web application has a vulnerability in its firmware version R0.40e6, allowing attackers to change the administrator password and gain higher privileges without the current password. | 8.8 |
| 2024-10-30 | CVE-2024-50353 | Unspecified vulnerability in Iowacomputergurus Aspnetcore.Utilities.Cloudstorage ICG.AspNetCore.Utilities.CloudStorage is a collection of cloud storage utilities to assist with the management of files for cloud upload. | 5.3 |
| 2024-10-30 | CVE-2024-10525 | Out-of-bounds Write vulnerability in Eclipse Mosquitto In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access when acting in its on_subscribe callback. | 9.8 |
| 2024-10-30 | CVE-2024-3935 | Double Free vulnerability in Eclipse Mosquitto In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the broker a double free will occur with a subsequent crash of the broker. | 6.5 |
| 2024-10-30 | CVE-2024-8512 | The W3SPEEDSTER plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 7.26 via the 'script' parameter of the hookBeforeStartOptimization() function. | 9.1 |
| 2024-10-30 | CVE-2024-10108 | The WPAdverts – Classifieds Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's adverts_add shortcode in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. | 7.2 |
| 2024-10-30 | CVE-2024-10223 | The WP Team – WordPress Team Member Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's htteamember shortcode in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. | 6.4 |