|
1
|
- |
|
-
|
-
|
Spring WebFlux applications that have Spring Security authorization rules on static resources can be bypassed under certain circumstances.
For this to impact an application, all of the following mus…
New
|
-
|
CVE-2024-38821
|
2024-10-28 16:15 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2
|
- |
|
-
|
-
|
The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the t…
Update
|
-
|
CVE-2024-0387
|
2024-10-28 16:15 |
2024-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3
|
6.5 |
MEDIUM
Network
|
moxa
|
iologik_e1210_firmware
iologik_e1211_firmware
iologik_e1212_firmware
iologik_e1213_firmware
iologik_e1214_firmware
iologik_e1240_firmware
iologik_e1241_firmware
iologik_e1242_fir…
|
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of se…
Update
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2023-5962
|
2024-10-28 16:15 |
2023-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4
|
5.9 |
MEDIUM
Network
|
moxa
|
mxsecurity
|
A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications at risk on the affected device. This vuln…
Update
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2023-39982
|
2024-10-28 16:15 |
2023-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5
|
7.2 |
HIGH
Network
|
-
|
-
|
The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to arbitrary PHP Code Injection due to missing file type validation during the export in all versions up to, and including, 7…
New
|
CWE-94
Code Injection
|
CVE-2024-9162
|
2024-10-28 15:15 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6
|
7.5 |
HIGH
Network
moxa
|
mxsecurity
|
A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions prior to v1.0.1. This vulnerability arises from inadequate authentication measures, potentially leading …
Update
|
CWE-287
Improper Authentication
|
CVE-2023-39981
|
2024-10-28 15:15 |
2023-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
7
|
6.5 |
MEDIUM
Network
moxa
|
iologik_e4200_firmware
|
A vulnerability has been identified in the ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to …
Update
|
CWE-863
Incorrect Authorization
|
CVE-2023-4227
|
2024-10-28 15:15 |
2023-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
8
|
9.8 |
CRITICAL
Network
moxa
|
tn-5900_firmware
|
TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the c…
Update
|
CWE-77
Command Injection
|
CVE-2023-34215
|
2024-10-28 15:15 |
2023-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
9
|
9.8 |
CRITICAL
Network
moxa
|
tn-5900_firmware
tn-4900_firmware
|
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient…
Update
|
CWE-77
Command Injection
|
CVE-2023-34214
|
2024-10-28 15:15 |
2023-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
10
|
9.8 |
CRITICAL
Network
moxa
|
tn-5900_firmware
|
TN-5900 Series firmware versions v3.3 and prior are vulnerable to command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the key-g…
Update
|
CWE-77
Command Injection
|
CVE-2023-34213
|
2024-10-28 15:15 |
2023-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
