|
221
|
6.4 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization checking and gain access to sensitive…
New
|
CWE-20
Improper Input Validation
|
CVE-2021-1482
|
2024-11-16 02:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affe…
New
|
CWE-943
Improper Neutralization of Special Elements in Data Query Logic
|
CVE-2021-1481
|
2024-11-16 02:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223
|
- |
|
-
|
-
|
A vulnerability in the vDaemon service of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to cause a buffer overflow on an affected system, resulting in a denial …
New
|
CWE-20
Improper Input Validation
|
CVE-2021-1466
|
2024-11-16 02:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224
|
5.0 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization checking and gain restricted access to the configuration information of an …
New
|
CWE-20
Improper Input Validation
|
CVE-2021-1464
|
2024-11-16 02:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225
|
4.3 |
MEDIUM
Adjacent
|
-
|
-
|
A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the Cisco Discovery Protocol process…
New
|
CWE-120
Classic Buffer Overflow
|
CVE-2022-20846
|
2024-11-16 02:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226
|
5.4 |
MEDIUM
Network
|
rafelsanso
|
gmap_point_list
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Rafel Sansó Gmap Point List allows Stored XSS.This issue affects Gmap Point List: from n/a…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-51594
|
2024-11-16 02:15 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
227
|
4.3 |
MEDIUM
Network
|
github
|
enterprise_server
|
An information disclosure vulnerability was identified in GitHub Enterprise Server via attacker uploaded asset URL allowing the attacker to retrieve metadata information of a user who clicks on the U…
Update
|
NVD-CWE-noinfo
|
CVE-2024-9539
|
2024-11-16 02:15 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
228
|
4.8 |
MEDIUM
Network
|
mendix
|
mendix
|
A vulnerability has been identified in Mendix Runtime V10 (All versions < V10.16.0 only if the basic authentication mechanism is used by the application), Mendix Runtime V10.12 (All versions < V10.12…
Update
|
CWE-362
Race Condition
|
CVE-2024-50313
|
2024-11-16 02:12 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
229
|
4.4 |
MEDIUM
Local
|
lollms
|
lollms
|
A path traversal vulnerability exists in the api open_personality_folder endpoint of parisneo/lollms-webui. This vulnerability allows an attacker to read any folder in the personality_folder on the v…
Update
|
CWE-23
Relative Path Traversal
|
CVE-2024-6985
|
2024-11-16 02:10 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
230
|
5.4 |
MEDIUM
Network
|
mysticalthemes
|
meta_store_elements
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in bnayawpguy Meta Store Elements allows DOM-Based XSS.This issue affects Meta Store Elements…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-51592
|
2024-11-16 02:04 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
