971
|
8.8 |
HIGH
Network
|
slicedinvoices
|
sliced_invoices
|
Missing Authorization vulnerability in Sliced Invoices.This issue affects Sliced Invoices: from n/a through 3.9.2.
Update
|
CWE-862
Missing Authorization
|
CVE-2024-30517
|
2024-10-8 03:14 |
2024-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
972
|
7.8 |
HIGH
Local
|
microsoft
|
windows_server_2008 windows_server_2012 windows_server_2022 windows_server_2019 windows_server_2016 windows_server_2022_23h2 windows_11_22h2 windows_11_23h2 windows_11_21h2
|
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-21363
|
2024-10-8 03:09 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
973
|
4.3 |
MEDIUM
Adjacent
|
gotenna
|
gotenna_pro
|
The goTenna Pro broadcast key name is always sent unencrypted and could reveal the location of operation.
Update
|
NVD-CWE-noinfo
|
CVE-2024-47128
|
2024-10-8 03:00 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
974
|
6.5 |
MEDIUM
Adjacent
|
gotenna
|
gotenna_pro
|
The goTenna Pro series allows unauthenticated attackers to remotely update the local public keys used for P2P and Group messages.
Update
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-47130
|
2024-10-8 02:57 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
975
|
5.4 |
MEDIUM
Adjacent
|
gotenna
|
gotenna_pro
|
The goTenna Pro series does not authenticate public keys which allows an unauthenticated attacker to intercept and manipulate messages.
Update
|
CWE-287
Improper Authentication
|
CVE-2024-47125
|
2024-10-8 02:57 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
976
|
7.4 |
HIGH
Adjacent
|
cisco
|
ios_xr
|
A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause …
Update
|
NVD-CWE-noinfo
|
CVE-2024-20406
|
2024-10-8 02:56 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
977
|
4.3 |
MEDIUM
Adjacent
|
gotenna
|
gotenna_pro
|
The goTenna Pro has a payload length vulnerability that makes it possible to tell the length of the payload regardless of the encryption used.
Update
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-47129
|
2024-10-8 02:54 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
978
|
5.3 |
MEDIUM
Network
cisco
|
ios_xr
|
A vulnerability in the Dedicated XML Agent feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on XML TCP listen port 38751.
This vu…
Update
|
NVD-CWE-Other
|
CVE-2024-20390
|
2024-10-8 02:51 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
979
|
- |
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin allows PHP Local File Inclusion.This is…
Update
|
CWE-22
Path Traversal
|
CVE-2024-47324
|
2024-10-8 02:48 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
980
|
- |
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin allows PHP Local File Inclusion.This is…
Update
|
-
|
CVE-2024-47323
|
2024-10-8 02:48 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|