|
491
|
- |
|
-
|
-
|
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with low privileges to access sensitive information. A successful exploit…
Update
|
-
|
CVE-2024-26302
|
2024-11-6 00:35 |
2024-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
492
|
8.4 |
HIGH
Local
|
cisco
|
firepower_threat_defense
|
A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system usin…
Update
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-20412
|
2024-11-6 00:03 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
493
|
5.8 |
MEDIUM
Network
cisco
|
firepower_threat_defense
|
A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy.
This …
Update
|
NVD-CWE-noinfo
|
CVE-2024-20431
|
2024-11-5 23:47 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
494
|
4.8 |
MEDIUM
Network
|
netgear
|
wnr614_firmware
|
Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set the HTTPOnly flag for cookies. This allows attackers to possibly intercept and access sensitive communications between the router a…
Update
|
NVD-CWE-Other
|
CVE-2024-36788
|
2024-11-5 23:38 |
2024-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
495
|
8.8 |
HIGH
Network
|
tenda
|
ac15_firmware
|
A vulnerability was found in Tenda AC15 15.03.05.19 and classified as critical. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argumen…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-10662
|
2024-11-5 23:30 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
496
|
8.8 |
HIGH
Network
|
tenda
|
ac15_firmware
|
A vulnerability has been found in Tenda AC15 15.03.05.19 and classified as critical. This vulnerability affects the function SetDlnaCfg of the file /goform/SetDlnaCfg. The manipulation of the argumen…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-10661
|
2024-11-5 23:30 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
497
|
- |
|
-
|
-
|
ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder v1.37.* <= 1.37.64 is vulnerable to boolean-based SQL Injection in function of web/ajax/event.php. This is…
Update
|
CWE-89
SQL Injection
|
CVE-2024-51482
|
2024-11-5 23:15 |
2024-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
498
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability was found in ESAFENET CDG V5. It has been rated as critical. Affected by this issue is the function delCatelogs of the file /CDGServer3/document/Catelogs;logindojojs?command=DelCatelo…
Update
|
CWE-89
SQL Injection
|
CVE-2024-9560
|
2024-11-5 22:05 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
499
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
block, bfq: fix possible UAF for bfqq->bic with merge chain
1) initial state, three tasks:
Process 1 Process 2 Process 3…
Update
|
CWE-416
Use After Free
|
CVE-2024-47706
|
2024-11-5 19:20 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
500
|
5.5 |
MEDIUM
Local
|
huawei
|
harmonyos
emui
|
Page table protection configuration vulnerability in the trusted firmware module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Update
|
NVD-CWE-noinfo
|
CVE-2024-45448
|
2024-11-5 19:19 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
