441
|
- |
|
-
|
-
|
MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead…
New
|
-
|
CVE-2024-45372
|
2024-09-26 14:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
442
|
8.8 |
HIGH
Network
|
elecom
|
wrc-2533gs2-b_firmware wrc-2533gs2-w_firmware wrc-2533gs2v-b_firmware wrc-x6000xs-g_firmware wrc-x1500gs-b_firmware wrc-x1500gsa-b_firmware
|
Cross-site request forgery vulnerability exists in ELECOM wireless LAN routers. Viewing a malicious page while logging in to the affected product with an administrative privilege, the user may be dir…
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-40883
|
2024-09-26 14:15 |
2024-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
443
|
- |
|
-
|
-
|
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, …
Update
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2024-3727
|
2024-09-26 14:15 |
2024-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
444
|
- |
|
-
|
-
|
User interface (UI) misrepresentation of critical information issue exists in multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION. If this vulnerabi…
New
|
-
|
CVE-2024-47045
|
2024-09-26 13:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
445
|
- |
|
-
|
-
|
Missing encryption of sensitive data vulnerability in login component in Synology Active Backup for Business Agent before 2.7.0-3221 allows adjacent man-in-the-middle attackers to obtain user credent…
New
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2023-52950
|
2024-09-26 13:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
446
|
- |
|
-
|
-
|
Missing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential …
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2023-52949
|
2024-09-26 13:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
447
|
- |
|
-
|
-
|
Missing encryption of sensitive data vulnerability in settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecifie…
New
|
-
|
CVE-2023-52948
|
2024-09-26 13:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
448
|
- |
|
-
|
-
|
Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecifi…
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2023-52947
|
2024-09-26 13:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
449
|
- |
|
-
|
-
|
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial …
New
|
CWE-120
Classic Buffer Overflow
|
CVE-2023-52946
|
2024-09-26 13:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
450
|
- |
|
-
|
-
|
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with admini…
New
|
CWE-120
Classic Buffer Overflow
|
CVE-2022-49041
|
2024-09-26 13:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|