Security Vulnerabilities - CVEs Published In July 2024
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). The system service of affected applications is vulnerable to command injection due to missing server side input sanitation when loading VPN configurations. This could allow an administrative remote attacker running a corresponding SINEMA Remote Connect Server to execute arbitrary code with system privileges on the client system.
CVSS Score
6.6
EPSS Score
0.028
Published
2024-07-09
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Affected applications are vulnerable to command injection due to missing server side input sanitation when loading VxLAN configurations. This could allow an authenticated attacker to execute arbitrary code with root privileges.
CVSS Score
8.8
EPSS Score
0.019
Published
2024-07-09
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Affected applications are vulnerable to command injection due to missing server side input sanitation when loading SNMP configurations. This could allow an attacker with the right to modify the SNMP configuration to execute arbitrary code with root privileges.
CVSS Score
8.8
EPSS Score
0.011
Published
2024-07-09
Improper Privilege Management vulnerability in Dylan James Zephyr Project Manager allows Privilege Escalation.This issue affects Zephyr Project Manager: from n/a through 3.3.97.
CVSS Score
8.8
EPSS Score
0.003
Published
2024-07-09
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vCita Online Booking & Scheduling Calendar for WordPress by vcita allows Path Traversal.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through 4.4.2.
CVSS Score
6.5
EPSS Score
0.005
Published
2024-07-09
A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted BMP files. This could allow an attacker to execute code in the context of the current process.
CVSS Score
7.8
EPSS Score
0.002
Published
2024-07-09
A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted BMP files. This could allow an attacker to execute code in the context of the current process.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-07-09
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPZOOM Beaver Builder Addons by WPZOOM allows Path Traversal.This issue affects Beaver Builder Addons by WPZOOM: from n/a through 1.3.5.
CVSS Score
4.9
EPSS Score
0.004
Published
2024-07-09
A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted IGS part file. This could allow an attacker to execute code in the context of the current process.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-07-09
Improper Privilege Management vulnerability in Brainstorm Force Ultimate Addons for Elementor allows Privilege Escalation.This issue affects Ultimate Addons for Elementor: from n/a through 1.36.31.
CVSS Score
8.8
EPSS Score
0.003
Published
2024-07-09