11
|
8.8 |
HIGH
Adjacent
|
actiontec
|
wcb6200q_firmware
|
Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of …
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-6143
|
2024-09-20 02:47 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
12
|
8.8 |
HIGH
Adjacent
|
actiontec
|
wcb6200q_firmware
|
Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-6142
|
2024-09-20 02:47 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
13
|
4.4 |
MEDIUM
Local
|
tcpdump
|
libpcap
|
Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcap_findalldevs…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-8006
|
2024-09-20 02:46 |
2024-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
14
|
4.9 |
MEDIUM
Network
|
jpress
|
jpress
|
A vulnerability has been found in jpress up to 5.1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/template/edit of the component Template …
Update
|
CWE-22
Path Traversal
|
CVE-2024-8304
|
2024-09-20 02:39 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
15
|
5.3 |
MEDIUM
Network
drupal
|
drupal
|
core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist.
Update
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-45440
|
2024-09-20 02:38 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
16
|
- |
|
-
|
-
|
Stack overflow vulnerability in the Login function in the HNAP service in D-Link DCS-960L with firmware 1.09 allows attackers to execute of arbitrary code.
New
|
-
|
CVE-2024-44589
|
2024-09-20 02:35 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
17
|
9.8 |
CRITICAL
Network
facebook fedoraproject
|
tac_plus fedora
|
A lack of input validation exists in tac_plus prior to commit 4fdf178 which, when pre or post auth commands are enabled, allows an attacker who can control the username, rem-addr, or NAC address sent…
Update
|
NVD-CWE-noinfo
|
CVE-2023-45239
|
2024-09-20 02:35 |
2023-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
18
|
6.5 |
MEDIUM
Network
|
openzeppelin
|
contracts
|
Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup. This vulnerability can lead to unauthorized ownership transfer, contrary to the original owner's i…
Update
|
CWE-670
Always-Incorrect Control Flow Implementation
|
CVE-2024-45304
|
2024-09-20 02:26 |
2024-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
19
|
4.3 |
MEDIUM
Network
|
teamviewer
|
meeting teamviewer
|
Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the cl…
Update
|
NVD-CWE-Other
|
CVE-2024-6053
|
2024-09-20 02:22 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
20
|
- |
|
-
|
-
|
A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser when they visit specific paths on the site.
This issue affects NetCat CMS v. 6.4.0.24126.2 and possibly…
New
|
-
|
CVE-2024-8653
|
2024-09-20 02:15 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|