| 2024-10-18 | CVE-2024-47485 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Hikvision Hikcentral Master
There is a CSV injection vulnerability in some HikCentral Master Lite versions. | 9.8 |
| 2024-10-18 | CVE-2024-10119 | OS Command Injection vulnerability in ZTE Wrtm326 Firmware
The wireless router WRTM326 from SECOM does not properly validate a specific parameter. | 9.8 |
| 2024-10-18 | CVE-2024-10118 | SECOM WRTR-304GN-304TW-UPSC does not properly filter user input in the specific functionality. network low complexity CWE-78 critical | 9.8 |
| 2024-10-17 | CVE-2024-43566 | Unspecified vulnerability in Microsoft Edge Chromium
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 9.8 |
| 2024-10-17 | CVE-2024-49217 | Unspecified vulnerability in Madirisalmanaashish Adding Drop Down Roles in Registration
Incorrect Privilege Assignment vulnerability in Madiri Salman Aashish Adding drop down roles in registration allows Privilege Escalation.This issue affects Adding drop down roles in registration: from n/a through 1.1. | 9.8 |
| 2024-10-17 | CVE-2005-10003 | OS Command Injection vulnerability in Mikexstudios Xcomic
A vulnerability classified as critical has been found in mikexstudios Xcomic up to 0.8.2. | 9.8 |
| 2024-10-17 | CVE-2024-9862 | Authorization Bypass Through User-Controlled Key vulnerability in Miniorange OTP Verification With Firebase
The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 3.6.0. | 9.8 |
| 2024-10-17 | CVE-2024-9863 | The UserPro plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.6.0 due to the insecure 'administrator' default value for the 'default_user_role' option. network low complexity CWE-266 critical | 9.8 |
| 2024-10-16 | CVE-2024-9893 | The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.1.14. network low complexity CWE-288 critical | 9.8 |
| 2024-10-16 | CVE-2024-10021 | SQL Injection vulnerability in Code-Projects Pharmacy Management System 1.0
A vulnerability was found in code-projects Pharmacy Management System 1.0. | 9.8 |