1971
|
9.8 |
CRITICAL
Network
withsecure
|
f-secure_policy_manager policy_manager_proxy
|
Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend). This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15.
|
NVD-CWE-noinfo
|
CVE-2023-43762
|
2024-09-26 01:35 |
2023-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1972
|
- |
|
phphoo3
|
phphoo3
|
Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the (1) ADMIN_USER (USER) and (2) ADMIN_PASS (PASS) parameters during a log…
|
NVD-CWE-Other
|
CVE-2007-2534
|
2024-09-26 01:35 |
2007-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1973
|
8.1 |
HIGH
Network
|
redhat
|
enterprise_linux enterprise_linux_aus enterprise_linux_tus enterprise_linux_eus enterprise_linux_update_services_for_sap_solutions
|
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attac…
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2024-3183
|
2024-09-26 01:29 |
2024-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1974
|
5.5 |
MEDIUM
Local
|
gpac
|
gpac
|
A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this vulnerability is the function isoffin_process of the file src/filters/isoffin_r…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2024-6061
|
2024-09-26 01:16 |
2024-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1975
|
- |
|
-
|
-
|
Concrete CMS versions 9.0.0 to 9.3.3 and below 8.5.19 are vulnerable to Stored XSS in the "Next&Previous Nav" block. A rogue administrator could add a malicious payload by executing it in the browse…
|
-
|
CVE-2024-8661
|
2024-09-26 01:15 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1976
|
- |
|
-
|
-
|
In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocati…
|
-
|
CVE-2024-7625
|
2024-09-26 01:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1977
|
- |
|
-
|
-
|
The vulnerability described by CVE-2023-0972 has been additionally discovered in Silicon Labs Z-Wave end devices. This vulnerability may allow an unauthenticated attacker within Z-Wave range to overf…
|
-
|
CVE-2023-51395
|
2024-09-26 01:15 |
2024-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1978
|
- |
|
-
|
-
|
Due to an allocation of resources without limits, an uncontrolled resource consumption vulnerability exists in Silicon Labs Ember ZNet SDK prior to v7.4.0.0 (delivered as part of Silicon Labs Gecko S…
|
-
|
CVE-2023-51393
|
2024-09-26 01:15 |
2024-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1979
|
7.5 |
HIGH
Network
silabs
|
gecko_software_development_kit
|
Prior to v7.4.0, Ember ZNet is vulnerable to a denial of service attack through manipulation of the NWK sequence number
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2023-6874
|
2024-09-26 01:15 |
2024-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1980
|
9.8 |
CRITICAL
Network
silabs
|
gecko_software_development_kit
|
An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region.
|
NVD-CWE-noinfo
|
CVE-2023-4280
|
2024-09-26 01:15 |
2024-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|