|
681
|
6.8 |
MEDIUM
Physics
|
-
|
-
|
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.90), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.90), SIPROTEC 5 6MD86 (CP2…
New
|
CWE-489
Exposure of Data Element to Wrong Session
|
CVE-2024-53648
|
2025-02-11 20:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
682
|
8.8 |
HIGH
Network
|
-
|
-
|
A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 2), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SIMOCODE ES V19 (…
New
|
CWE-613
Insufficient Session Expiration
|
CVE-2024-45386
|
2025-02-11 20:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
683
|
5.3 |
MEDIUM
Network
-
|
-
|
A vulnerability has been identified in SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-23814
|
2025-02-11 20:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
684
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The GeoDirectory – WP Business Directory Plugin and Classified Listings Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the display_name profile parameter in all versi…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-13506
|
2025-02-11 20:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
685
|
5.3 |
MEDIUM
Network
-
|
-
|
The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information t…
New
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2023-37482
|
2025-02-11 20:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
686
|
6.8 |
MEDIUM
Adjacent
|
-
|
-
|
SolarWinds Platform is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input parameters. This vulnerability requires authentication by a…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-52612
|
2025-02-11 17:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
687
|
3.5 |
LOW
Adjacent
|
-
|
-
|
The SolarWinds Platform is vulnerable to an information disclosure vulnerability through an error message. While the data does not provide anything sensitive, the information could assist an attacker…
New
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-52611
|
2025-02-11 17:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
688
|
3.5 |
LOW
Adjacent
|
-
|
-
|
SolarWinds Platform is affected by server-side request forgery vulnerability. Proper input sanitation was not applied allowing for the possibility of a malicious web request.
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2024-52606
|
2025-02-11 17:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
689
|
4.6 |
MEDIUM
Local
|
-
|
-
|
Sensitive data could be exposed to non- privileged users in a configuration file. Local access to the computer with a low- privileged account is required to access the configuration file containing …
New
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-45718
|
2025-02-11 17:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
690
|
5.5 |
MEDIUM
Local
|
-
|
-
|
SolarWinds Web Help Desk was found to have a hardcoded cryptographic key that could allow the disclosure of sensitive information from the software.
New
|
CWE-321
Use of Hard-coded Cryptographic Key
|
CVE-2024-28989
|
2025-02-11 17:15 |
2025-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
