1631
|
5.3 |
MEDIUM
Network
connectwise
|
screenconnect
|
ConnectWise ScreenConnect versions 22.6 and below contained a flaw allowing potential brute force attacks on custom access tokens due to inadequate rate-limiting controls in the default configuration…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2022-36781
|
2024-09-17 06:15 |
2022-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1632
|
9.4 |
CRITICAL
Network
databank
|
accreditation_tracking\/presentation_module
|
Database Software Accreditation Tracking/Presentation Module product before version 2 has an unauthenticated SQL Injection vulnerability. This is fixed in version 2.
|
CWE-89
SQL Injection
|
CVE-2022-2315
|
2024-09-17 06:15 |
2022-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1633
|
7.8 |
HIGH
Local
|
abb
|
mint_workbench automation_builder drive_composer
|
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already e…
|
CWE-59
Link Following
|
CVE-2022-31218
|
2024-09-17 06:15 |
2022-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1634
|
6.8 |
MEDIUM
Network
|
suse
|
rancher
|
A Cleartext Transmission of Sensitive Information vulnerability in SUSE Rancher, Rancher allows attackers on the network to read and change network data due to missing encryption of data transmitted …
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2022-21951
|
2024-09-17 06:15 |
2022-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1635
|
6.5 |
MEDIUM
Network
|
mongodb
|
mongodb
|
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which loop indefinitely in mathematics processing while retaining locks. This issue a…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2018-20803
|
2024-09-17 06:15 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1636
|
6.5 |
MEDIUM
Network
|
mongodb
|
mongodb
|
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries which trigger an invariant in the IndexBoundsBuilder. This issue affects MongoDB Serve…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2019-20924
|
2024-09-17 06:15 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1637
|
6.5 |
MEDIUM
Network
|
mongodb
|
mongodb
|
A user authorized to perform database queries may cause denial of service by issuing a specially crafted query which violates an invariant in the server selection subsystem. This issue affects MongoD…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2020-7926
|
2024-09-17 06:15 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1638
|
6.5 |
MEDIUM
Network
|
mongodb
|
mongodb_enterprise_kubernetes_operator
|
X.509 certificates generated by the MongoDB Enterprise Kubernetes Operator may allow an attacker with access to the Kubernetes cluster improper access to MongoDB instances. Customers who do not use X…
|
CWE-295
Improper Certificate Validation
|
CVE-2020-7922
|
2024-09-17 06:15 |
2020-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1639
|
8.8 |
HIGH
Network
|
asterisk
|
asterisk certified_asterisk
|
Asterisk is an open source private branch exchange (PBX) and telephony toolkit. Prior to asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an A…
|
NVD-CWE-Other
|
CVE-2024-42365
|
2024-09-17 05:23 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1640
|
- |
|
-
|
-
|
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attac…
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2024-3183
|
2024-09-17 05:15 |
2024-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|