Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-29 | CVE-2024-9489 | Out-of-bounds Write vulnerability in Autodesk products A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. | 7.8 |
| 2024-10-29 | CVE-2024-9826 | Use After Free vulnerability in Autodesk products A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. | 7.8 |
| 2024-10-29 | CVE-2024-9827 | Out-of-bounds Read vulnerability in Autodesk products A maliciously crafted CATPART file when parsed in CC5Dll.dll through Autodesk AutoCAD can force an Out-of-Bounds Read vulnerability. | 7.8 |
| 2024-10-29 | CVE-2024-9996 | Out-of-bounds Write vulnerability in Autodesk products A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. | 7.8 |
| 2024-10-29 | CVE-2024-9997 | Out-of-bounds Write vulnerability in Autodesk products A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. | 7.8 |
| 2024-10-29 | CVE-2024-50455 | Missing Authorization vulnerability in Seopress 6.9 Missing Authorization vulnerability in The SEO Guys at SEOPress SEOPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through 8.1.1. | 8.8 |
| 2024-10-29 | CVE-2024-50456 | Missing Authorization vulnerability in Seopress 6.9 Missing Authorization vulnerability in The SEO Guys at SEOPress SEOPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through 8.1.1. | 8.8 |
| 2024-10-29 | CVE-2024-8587 | Out-of-bounds Write vulnerability in Autodesk products A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based Buffer Overflow vulnerability. | 7.8 |
| 2024-10-29 | CVE-2024-10491 | Unspecified vulnerability in Openjsf Express A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data is used. The issue arises from improper sanitization in `Link` header values, which can allow a combination of characters like `,`, `;`, and `<>` to preload malicious resources. This vulnerability is especially relevant for dynamic parameters. | 5.3 |
| 2024-10-29 | CVE-2024-50459 | Missing Authorization vulnerability in Hmplugin Aidwp Missing Authorization vulnerability in HM Plugin WordPress Stripe Donation and Payment Plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Stripe Donation and Payment Plugin: from n/a through 3.2.3. | 9.8 |