981
|
- |
|
-
|
-
|
A CWE-693 “Protection Mechanism Failure” vulnerability in the embedded Chromium browser (concerning the handling of alternative URLs, other than “ http://localhost” ) allows a physical attacker to re…
|
CWE-184
Incomplete Blacklist
|
CVE-2023-45593
|
2024-09-30 19:15 |
2024-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
982
|
8.1 |
HIGH
Adjacent
|
bluemark
|
dronescout_ds230_firmware
|
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an information loss vulnerability through traffic injection.
An attacker can exploit this vulnerability by injecting, on …
|
CWE-223
|
CVE-2023-31191
|
2024-09-30 19:15 |
2023-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
983
|
8.1 |
HIGH
Network
|
bluemark
|
dronescout_ds230_firmware
|
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper Authentication vulnerability during the firmware update procedure.
Specifically, the firmware update procedur…
|
CWE-295
Improper Certificate Validation
|
CVE-2023-31190
|
2024-09-30 19:15 |
2023-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
984
|
6.8 |
MEDIUM
Adjacent
|
bluemark
|
dronescout_ds230_firmware
|
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an information loss vulnerability through traffic injection.
An attacker can exploit this vulnerability by injecting, at t…
|
CWE-223
|
CVE-2023-29156
|
2024-09-30 19:15 |
2023-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
985
|
- |
|
-
|
-
|
Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator.
This issue affects Apache Lucene's replicator module: from 4.4.0 before 9.12.0.
The deprecated org.apache.lucene.replicat…
|
-
|
CVE-2024-45772
|
2024-09-30 18:15 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
986
|
- |
|
-
|
-
|
In Eclipse Glassfish versions before 7.0.17, The Host HTTP parameter could cause the web application to redirect to the specified URL, when the requested endpoint is '/management/domain'. By modifyin…
|
-
|
CVE-2024-9329
|
2024-09-30 17:15 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
987
|
7.2 |
HIGH
Network
|
-
|
-
|
Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within the configuration files, allowing remote attackers with administrator privileges to read the file and ob…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-8459
|
2024-09-30 17:15 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
988
|
8.8 |
HIGH
Network
|
-
|
-
|
Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery (CSRF). An unauthenticated remote attacker can trick a user into visiting a malici…
|
-
|
CVE-2024-8458
|
2024-09-30 17:15 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
989
|
4.8 |
MEDIUM
Network
|
-
|
-
|
Certain switch models from PLANET Technology have a web application that does not properly validate specific parameters, allowing remote authenticated users with administrator privileges to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8457
|
2024-09-30 17:15 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
990
|
9.8 |
CRITICAL
Network
-
|
-
|
Certain switch models from PLANET Technology lack proper access control in firmware upload and download functionality, allowing unauthenticated remote attackers to download and upload firmware and sy…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-8456
|
2024-09-30 17:15 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|