2441
|
7.5 |
HIGH
Network
hitachienergy
|
relion_670_firmware relion_650_firmware relion_sam600-io_firmware
|
A vulnerability exists in the input validation of the GOOSE
messages where out of range values received and processed
by the IED caused a reboot of the device. In order for an
attacker to exploit …
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2023-4518
|
2024-09-23 22:15 |
2023-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2442
|
5.4 |
MEDIUM
Network
|
adobe
|
experience_manager
|
Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts in…
|
CWE-79
Cross-site Scripting
|
CVE-2024-36148
|
2024-09-23 21:15 |
2024-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2443
|
- |
|
-
|
-
|
This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated components. An attacker with local administrative privileges could exploit this by placing malicious DLLs o…
|
-
|
CVE-2024-25103
|
2024-09-23 21:15 |
2024-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2444
|
- |
|
-
|
-
|
This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic algorithm (hash) SHA1 in user login component. An attacker with local administrative privileges could exploi…
|
-
|
CVE-2024-25102
|
2024-09-23 21:15 |
2024-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2445
|
7.5 |
HIGH
Network
vidco
|
voc_tester
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Vidco Software VOC TESTER allows Path Traversal.This issue affects VOC TESTER: before 12.34.8.
|
CWE-22
Path Traversal
|
CVE-2024-7609
|
2024-09-23 18:15 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2446
|
9.8 |
CRITICAL
Network
profelis
|
passbox
|
Improper Authentication, Missing Authentication for Critical Function, Improper Authorization vulnerability in Profelis Informatics and Consulting PassBox allows Authentication Abuse.This issue affec…
|
CWE-287 CWE-306 CWE-285
Improper Authentication Missing Authentication for Critical Function Improper Authorization
|
CVE-2024-7015
|
2024-09-23 18:15 |
2024-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2447
|
- |
|
-
|
-
|
The pagination class includes arbitrary parameters in links, leading to cache poisoning attack vectors.
|
-
|
CVE-2024-27185
|
2024-09-22 14:15 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2448
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not need…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-32830
|
2024-09-22 01:35 |
2023-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2449
|
6.7 |
MEDIUM
Local
|
linuxfoundation mediatek google
|
yocto iot_yocto android
|
In apusys, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2023-32829
|
2024-09-22 01:35 |
2023-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2450
|
6.7 |
MEDIUM
Local
|
mediatek google
|
iot_yocto android
|
In vpu, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed fo…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2023-32828
|
2024-09-22 01:35 |
2023-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|