NA - CVE-2024-9137 - The affected product lacks an authentication...
The affected product lacks an authentication check when sending commands to the server via the Moxa service. This vulnerability allows an attacker to execute specified commands, potentially leading...
NA - CVE-2024-48120 - X2CRM v8.5 is vulnerable to a stored Cross-Site...
X2CRM v8.5 is vulnerable to a stored Cross-Site Scripting (XSS) in the "Opportunities" module. An attacker can inject malicious JavaScript code into the "Name" field when creating a list.
NA - CVE-2024-7847 - VULNERABILITY DETAILS
Rockwell Automation used...
VULNERABILITY DETAILS Rockwell Automation used the latest versions of the CVSS scoring system to assess the following vulnerabilities. The following vulnerabilities were reported to us by Sharon...
NA - CVE-2024-8602 - When the XML is read from the codes in the PDF...
When the XML is read from the codes in the PDF and parsed using a DocumentBuilder, the default settings of the DocumentBuilder allow for an XXE (XML External Entity) attack. Further information on...
NA - CVE-2024-9936 - When manipulating the selection node cache, an...
When manipulating the selection node cache, an attacker may have been able to cause unexpected behavior, potentially leading to an exploitable crash. This vulnerability affects Firefox < 131.0.3.
NA - CVE-2024-40616 - Rejected reason: DO NOT USE THIS CANDIDATE...
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.