211
|
7.8 |
HIGH
Local
|
ui
|
unifi_network_application
|
A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell acces…
|
CWE-77
Command Injection
|
CVE-2024-42025
|
2024-09-20 23:40 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
212
|
- |
|
-
|
-
|
runofast Indoor Security Camera for Baby Monitor has a default password of password for the root account. This allows access to the /stream1 URI via the rtsp:// protocol to receive the video and audi…
|
-
|
CVE-2024-46959
|
2024-09-20 23:35 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
213
|
- |
|
-
|
-
|
An issue was discovered in Bravura Security Fabric versions 12.3.x before 12.3.5.32784, 12.4.x before 12.4.3.35110, 12.5.x before 12.5.2.35950, 12.6.x before 12.6.2.37183, and 12.7.x before 12.7.1.38…
|
-
|
CVE-2024-45523
|
2024-09-20 23:35 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
214
|
- |
|
-
|
-
|
Victure PC420 1.1.39 was discovered to use a weak encryption key for the file enabled_telnet.dat on the Micro SD card.
|
-
|
CVE-2023-41612
|
2024-09-20 23:35 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
215
|
6.5 |
MEDIUM
Network
|
syscomgo
|
omflow
|
OMFLOW from The SYSCOM Group does not properly restrict the query range of its data query functionality, allowing remote attackers with regular privileges to obtain accounts and password hashes of ot…
|
NVD-CWE-noinfo
|
CVE-2024-8780
|
2024-09-20 23:35 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
216
|
7.8 |
HIGH
Local
|
konghq
|
insomnia
|
Kong Insomnia 2023.4.0 on macOS allows attackers to execute code and access restricted files, or make requests for TCC permissions, by using the DYLD_INSERT_LIBRARIES environment variable.
|
NVD-CWE-noinfo
|
CVE-2023-40299
|
2024-09-20 23:35 |
2023-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
217
|
7.8 |
HIGH
Local
|
nokia
|
wavelite_metro_200_and_fan_firmware wavelite_metro_200_ops_and_fans_firmware wavelite_metro_200_and_f2b_fans_firmware wavelite_metro_200_ops_and_f2b_fans_firmware wavelite_metro_200_ne_an…
|
If Security Hardening guide rules are not followed, then Nokia WaveLite products allow a local user to create new users with administrative privileges by manipulating a web request. This affects (for…
|
NVD-CWE-Other
|
CVE-2023-22618
|
2024-09-20 23:35 |
2023-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
218
|
8.8 |
HIGH
Adjacent
|
furunosystems
|
acera_1310_firmware acera_1320_firmware
|
Authentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent unauthenticated attacker who can access the a…
|
CWE-287
Improper Authentication
|
CVE-2023-42771
|
2024-09-20 23:35 |
2023-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
219
|
6.5 |
MEDIUM
Network
|
syscomgo
|
omflow
|
OMFLOW from The SYSCOM Group does not properly validate user input of the download functionality, allowing remote attackers with regular privileges to read arbitrary system files.
|
CWE-22
Path Traversal
|
CVE-2024-8778
|
2024-09-20 23:23 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
220
|
7.5 |
HIGH
Network
syscomgo
|
omflow
|
OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized remote attackers to read arbitrary system configurations. If LDAP authentication is enabled, attackers can…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-8777
|
2024-09-20 23:22 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|