Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-29 | CVE-2024-9826 | Use After Free vulnerability in Autodesk products A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. | 7.8 |
| 2024-10-29 | CVE-2024-9827 | Out-of-bounds Read vulnerability in Autodesk products A maliciously crafted CATPART file when parsed in CC5Dll.dll through Autodesk AutoCAD can force an Out-of-Bounds Read vulnerability. | 7.8 |
| 2024-10-29 | CVE-2024-9996 | Out-of-bounds Write vulnerability in Autodesk products A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force an Out-of-Bounds Write vulnerability. | 7.8 |
| 2024-10-29 | CVE-2024-9997 | Out-of-bounds Write vulnerability in Autodesk products A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. | 7.8 |
| 2024-10-29 | CVE-2024-50455 | Missing Authorization vulnerability in Seopress 6.9 Missing Authorization vulnerability in The SEO Guys at SEOPress SEOPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through 8.1.1. | 8.8 |
| 2024-10-29 | CVE-2024-50456 | Missing Authorization vulnerability in Seopress 6.9 Missing Authorization vulnerability in The SEO Guys at SEOPress SEOPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through 8.1.1. | 8.8 |
| 2024-10-29 | CVE-2024-8587 | Out-of-bounds Write vulnerability in Autodesk products A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based Buffer Overflow vulnerability. | 7.8 |
| 2024-10-29 | CVE-2024-50466 | Cross-Site Request Forgery (CSRF) vulnerability in Darkmysite Cross-Site Request Forgery (CSRF) vulnerability in DarkMySite DarkMySite – Advanced Dark Mode Plugin for WordPress darkmysite allows Cross Site Request Forgery.This issue affects DarkMySite – Advanced Dark Mode Plugin for WordPress: from n/a through 1.2.8. | 8.8 |
| 2024-10-29 | CVE-2024-8924 | SQL Injection vulnerability in Servicenow Vancouver/Xanadu ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. | 7.5 |
| 2024-10-29 | CVE-2024-9990 | Cross-Site Request Forgery (CSRF) vulnerability in Odude Crypto Tool The Crypto plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.15. | 8.8 |