| 2024-10-02 | CVE-2024-35293 | An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS. network low complexity CWE-306 critical | 9.1 |
| 2024-10-01 | CVE-2024-45999 | SQL Injection vulnerability in Magicbug Cloudlog
A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, specifically within the get_station_info()function located in the file /application/models/Oqrs_model.php. | 9.8 |
| 2024-10-01 | CVE-2024-47608 | OS Command Injection vulnerability in Definetlynotai Logicytics
Logicytics is designed to harvest and collect data for forensic analysis. | 9.8 |
| 2024-10-01 | CVE-2024-9265 | Unspecified vulnerability in Coderevolution Echo RSS Feed Post Generator
The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.4.6. | 9.8 |
| 2024-10-01 | CVE-2024-9289 | Missing Authentication for Critical Function vulnerability in Redefiningtheweb Affiliate PRO
The WordPress & WooCommerce Affiliate Program plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 8.4.1. | 9.8 |
| 2024-10-01 | CVE-2024-9106 | The Wechat Social login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.3.0. network low complexity CWE-288 critical | 9.8 |
| 2024-10-01 | CVE-2024-9108 | The Wechat Social login plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'convert_remoteimage_to_local' function in versions up to, and including, 1.3.0. network low complexity CWE-434 critical | 9.8 |
| 2024-10-01 | CVE-2024-9360 | SQL Injection vulnerability in Code-Projects Restaurant Reservation System 1.0
A vulnerability was found in code-projects Restaurant Reservation System 1.0. | 9.8 |
| 2024-10-01 | CVE-2024-9359 | SQL Injection vulnerability in Code-Projects Restaurant Reservation System 1.0
A vulnerability was found in code-projects Restaurant Reservation System 1.0 and classified as critical. | 9.8 |
| 2024-09-30 | CVE-2024-8456 | Missing Authentication for Critical Function vulnerability in Planet Gs-4210-24P2S Firmware and Gs-4210-24Pl4C Firmware
Certain switch models from PLANET Technology lack proper access control in firmware upload and download functionality, allowing unauthenticated remote attackers to download and upload firmware and system configurations, ultimately gaining full control of the devices. | 9.8 |