|
1981
|
6.5 |
MEDIUM
Network
|
nozominetworks
|
cmc
guardian
|
A blind SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the alerts_count component, allows an authenticated attacker to execute arbitrary SQL stat…
|
CWE-89
SQL Injection
|
CVE-2023-23574
|
2024-09-20 21:15 |
2023-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1982
|
6.5 |
MEDIUM
Network
|
nozominetworks
|
cmc
guardian
|
A blind SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the sorting parameter, allows an authenticated attacker to execute arbitrary SQL statement…
|
CWE-89
SQL Injection
|
CVE-2023-22378
|
2024-09-20 21:15 |
2023-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1983
|
4.8 |
MEDIUM
Network
|
nozominetworks
|
cmc
guardian
|
An authenticated attacker with administrative access to the web management interface can inject malicious JavaScript code inside the definition of a Threat Intelligence rule, that will be stored and …
|
CWE-79
Cross-site Scripting
|
CVE-2023-22843
|
2024-09-20 21:15 |
2023-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1984
|
7.5 |
HIGH
Network
nozominetworks
|
cmc
guardian
|
A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, allows an unau…
|
CWE-20
Improper Input Validation
|
CVE-2023-32649
|
2024-09-20 20:15 |
2023-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1985
|
7.4 |
HIGH
Network
|
nozominetworks
|
cmc
guardian
|
A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthentic…
|
CWE-89
SQL Injection
|
CVE-2023-29245
|
2024-09-20 20:15 |
2023-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1986
|
7.2 |
HIGH
Network
|
nozominetworks
|
cmc
guardian
|
Improper Input Validation vulnerability in project file upload in Nozomi Networks Guardian and CMC allows an authenticated attacker with admin or import manager roles to execute unattended commands o…
|
CWE-20
Improper Input Validation
|
CVE-2022-0551
|
2024-09-20 20:15 |
2022-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1987
|
7.2 |
HIGH
Network
|
nozominetworks
|
cmc
guardian
|
Improper Input Validation vulnerability in custom report logo upload in Nozomi Networks Guardian, and CMC allows an authenticated attacker with admin or report manager roles to execute unattended com…
|
CWE-20
Improper Input Validation
|
CVE-2022-0550
|
2024-09-20 20:15 |
2022-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1988
|
- |
|
-
|
-
|
Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on cli…
|
-
|
CVE-2024-3044
|
2024-09-20 19:15 |
2024-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1989
|
- |
|
-
|
-
|
Rejected reason: DoS issues, or unexploitable crashes, are out of scope for vulnerabilities.
|
-
|
CVE-2023-36268
|
2024-09-20 18:15 |
2024-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1990
|
- |
|
-
|
-
|
There is a difficult to exploit improper authentication issue in the Home application for Esri Portal for ArcGIS versions 10.8.1 through 11.2 on Windows and Linux, and ArcGIS Enterprise 11.1 and belo…
|
CWE-323
Reusing a Nonce, Key Pair in Encryption
|
CVE-2024-25699
|
2024-09-20 12:15 |
2024-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
