451
|
4.9 |
MEDIUM
Network
|
ibm
|
datastage
|
IBM DataStage on Cloud Pak for Data 4.0.6 to 4.5.2 stores sensitive credential information that can be read by a privileged user. IBM X-Force ID: 235060.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2022-38714
|
2024-10-11 00:32 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
452
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10_1809 windows_server_2019 windows_server_2022 windows_11_21h2 windows_10_21h2 windows_11_22h2 windows_10_22h2 windows_11_22h3 windows_11_23h2 windows_server_23h2<…
|
Microsoft Management Console Remote Code Execution Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-43572
|
2024-10-11 00:25 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
453
|
- |
|
-
|
-
|
A vulnerability classified as problematic has been found in D-Link DSL-2750U R5B017. This affects an unknown part of the component Port Forwarding Page. The manipulation of the argument PortMappingDe…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9792
|
2024-10-11 00:15 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
454
|
- |
|
-
|
-
|
A vulnerability was found in LyLme_spage 1.9.5. It has been classified as critical. Affected is an unknown function of the file /admin/sou.php. The manipulation of the argument id leads to sql inject…
|
CWE-89
SQL Injection
|
CVE-2024-9790
|
2024-10-11 00:15 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
455
|
- |
|
-
|
-
|
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a command injection attack is possible through improper neutralization of hyperlink elements.
|
CWE-77
Command Injection
|
CVE-2024-7840
|
2024-10-11 00:15 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
456
|
- |
|
-
|
-
|
A vulnerability has been identified in Mendix Runtime V10 (All versions only if the basic authentication mechanism is used by the application), Mendix Runtime V10.12 (All versions only if the basic a…
|
CWE-204
Response Discrepancy Information Exposure
|
CVE-2023-49069
|
2024-10-11 00:15 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
457
|
7.8 |
HIGH
Local
|
microsoft
|
windows_11_23h2 windows_10_22h2 windows_11_22h2 windows_10_21h2 windows_11_21h2 windows_server_2022 windows_server_2019 windows_10_1809 windows_server_2022_23h2
|
Windows Kernel Elevation of Privilege Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-21338
|
2024-10-11 00:14 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
458
|
7.5 |
HIGH
Network
ibm
|
cics_tx
|
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229441.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2022-34310
|
2024-10-11 00:12 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
459
|
5.3 |
MEDIUM
Network
motorola
|
cx2l_firmware
|
A hidden interface in Motorola CX2L Router firmware v1.0.1 leaks information regarding the SystemWizardStatus component via sending a crafted request to device_web_ip.
|
NVD-CWE-noinfo
|
CVE-2024-25360
|
2024-10-10 23:43 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
460
|
7.5 |
HIGH
Network
huawei
|
harmonyos emui
|
Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart.
|
CWE-20
Improper Input Validation
|
CVE-2023-39390
|
2024-10-10 23:35 |
2023-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|