|
81
|
5.3 |
MEDIUM
Network
motorola
|
cx2l_firmware
|
A hidden interface in Motorola CX2L Router firmware v1.0.1 leaks information regarding the SystemWizardStatus component via sending a crafted request to device_web_ip.
Update
|
NVD-CWE-noinfo
|
CVE-2024-25360
|
2024-10-10 23:43 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
82
|
7.5 |
HIGH
Network
huawei
|
harmonyos
emui
|
Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart.
Update
|
CWE-20
Improper Input Validation
|
CVE-2023-39390
|
2024-10-10 23:35 |
2023-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
83
|
7.5 |
HIGH
Network
huawei
|
emui
harmonyos
|
Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause newly installed apps to fail to restart.
Update
|
CWE-20
Improper Input Validation
|
CVE-2023-39386
|
2024-10-10 23:35 |
2023-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
84
|
7.5 |
HIGH
Network
atlassian
|
jira_software_data_center
|
Affected versions of Atlassian Jira Server and Data Center allow attackers with access to an administrator account that has had its access revoked to modify projects' Users & Roles settings, via a Br…
Update
|
CWE-287
Improper Authentication
|
CVE-2021-41311
|
2024-10-10 23:35 |
2021-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
85
|
5.3 |
MEDIUM
Network
atlassian
|
jira_software_data_center
|
Affected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira Service Management access revoked to export audit logs of another user's Jira Service Management project…
Update
|
CWE-287
Improper Authentication
|
CVE-2021-41309
|
2024-10-10 23:35 |
2021-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
86
|
7.5 |
HIGH
Network
atlassian
|
jira
data_center
|
Affected versions of Atlassian Jira Server and Data Center allow a remote attacker who has had their access revoked from Jira Service Management to enable and disable Issue Collectors on Jira Service…
Update
|
CWE-287
Improper Authentication
|
CVE-2021-41312
|
2024-10-10 23:35 |
2021-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
87
|
5.3 |
MEDIUM
Network
latchset
redhat
fedoraproject
|
jwcrypto
enterprise_linux
enterprise_linux_for_power_little_endian
enterprise_linux_for_ibm_z_systems
fedora
enterprise_linux_for_arm_64
|
A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive. T…
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2023-6681
|
2024-10-10 23:32 |
2024-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
88
|
- |
|
esri
|
arcmap
|
ESRI ArcMap 9 and ArcGIS 10.0.2.3200 and earlier does not properly prompt users before executing embedded VBA macros, which allows user-assisted remote attackers to execute arbitrary VBA code via a c…
Update
|
CWE-94
Code Injection
|
CVE-2012-1661
|
2024-10-10 23:30 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
89
|
- |
|
redhat
fedoraproject
|
389_directory_server
directory_server
fedora
enterprise_linux
enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
enterprise_linux_server_aus
enterpris…
|
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.
Update
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2024-1062
|
2024-10-10 23:22 |
2024-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
90
|
- |
|
-
|
-
|
A vulnerability was found in LyLme_spage 1.9.5 and classified as critical. This issue affects some unknown processing of the file /admin/apply.php. The manipulation of the argument id leads to sql in…
New
|
CWE-89
SQL Injection
|
CVE-2024-9789
|
2024-10-10 23:15 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
