|
161
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10_1809
windows_server_2019
windows_server_2022
windows_11_21h2
windows_10_21h2
windows_11_22h2
windows_10_22h2
windows_11_22h3
windows_11_23h2
windows_server_23h2<…
|
Microsoft Management Console Remote Code Execution Vulnerability
New
|
NVD-CWE-noinfo
|
CVE-2024-43572
|
2024-10-11 00:25 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
162
|
- |
|
-
|
-
|
A vulnerability classified as problematic has been found in D-Link DSL-2750U R5B017. This affects an unknown part of the component Port Forwarding Page. The manipulation of the argument PortMappingDe…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9792
|
2024-10-11 00:15 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
163
|
- |
|
-
|
-
|
A vulnerability was found in LyLme_spage 1.9.5. It has been classified as critical. Affected is an unknown function of the file /admin/sou.php. The manipulation of the argument id leads to sql inject…
New
|
CWE-89
SQL Injection
|
CVE-2024-9790
|
2024-10-11 00:15 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
164
|
- |
|
-
|
-
|
In Progress Telerik Reporting versions prior to 2024 Q3 (18.2.24.924), a command injection attack is possible through improper neutralization of hyperlink elements.
New
|
CWE-77
Command Injection
|
CVE-2024-7840
|
2024-10-11 00:15 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
165
|
- |
|
-
|
-
|
A vulnerability has been identified in Mendix Runtime V10 (All versions only if the basic authentication mechanism is used by the application), Mendix Runtime V10.12 (All versions only if the basic a…
Update
|
CWE-204
Response Discrepancy Information Exposure
|
CVE-2023-49069
|
2024-10-11 00:15 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
166
|
7.8 |
HIGH
Local
|
microsoft
|
windows_11_23h2
windows_10_22h2
windows_11_22h2
windows_10_21h2
windows_11_21h2
windows_server_2022
windows_server_2019
windows_10_1809
windows_server_2022_23h2
|
Windows Kernel Elevation of Privilege Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-21338
|
2024-10-11 00:14 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
167
|
7.5 |
HIGH
Network
ibm
|
cics_tx
|
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229441.
Update
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2022-34310
|
2024-10-11 00:12 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
168
|
9.8 |
CRITICAL
Network
zimbra
|
collaboration
|
The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute comma…
Update
|
CWE-863
Incorrect Authorization
|
CVE-2024-45519
|
2024-10-11 00:04 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
169
|
5.3 |
MEDIUM
Network
motorola
|
cx2l_firmware
|
A hidden interface in Motorola CX2L Router firmware v1.0.1 leaks information regarding the SystemWizardStatus component via sending a crafted request to device_web_ip.
Update
|
NVD-CWE-noinfo
|
CVE-2024-25360
|
2024-10-10 23:43 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
170
|
7.5 |
HIGH
Network
huawei
|
harmonyos
emui
|
Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart.
Update
|
CWE-20
Improper Input Validation
|
CVE-2023-39390
|
2024-10-10 23:35 |
2023-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
