661
|
10.0 |
CRITICAL
Network
-
|
-
|
Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code exe…
New
|
CWE-77
Command Injection
|
CVE-2024-39759
|
2025-01-15 00:15 |
2025-01-15 |
|
|
|
662
|
- |
|
-
|
-
|
Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path.
New
|
-
|
CVE-2024-7344
|
2025-01-15 00:15 |
2025-01-14 |
|
|
663
|
- |
|
-
|
-
|
An improper neutralization of formula elements in a CSV file in Fortinet FortiSOAR 7.2.1 through 7.4.1 allows an attacker to execute unauthorized code or commands by manipulating a CSV file.
New
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2024-47572
|
2025-01-15 00:15 |
2025-01-14 |
|
|
664
|
- |
|
-
|
-
|
An operation on a resource after expiration or release in Fortinet FortiManager 6.4.12 through 7.4.0 allows an attacker to gain improper access to FortiGate via valid credentials.
New
|
CWE-672
Operation on a Resource after Expiration or Release
|
CVE-2024-47571
|
2025-01-15 00:15 |
2025-01-14 |
|
|
665
|
- |
|
-
|
-
|
An allocation of resources without limits or throttling in Fortinet FortiSIEM 5.3 all versions, 5.4 all versions, 6.x all versions, 7.0 all versions, and 7.1.0 through 7.1.5 may allow an attacker to d…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-46667
|
2025-01-15 00:15 |
2025-01-14 |
|
|
666
|
- |
|
-
|
-
|
An out-of-bounds read vulnerability [CWE-125] in FortiOS SSLVPN web portal versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, 7.0 all versions, and 6.4 all versions may allow an authenticate…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2024-36504
|
2025-01-15 00:15 |
2025-01-14 |
|
|
667
|
- |
|
-
|
-
|
A relative path traversal vulnerability [CWE-23] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 allows a privileged attacker to delete files from the underlying filesystem via…
New
|
CWE-23, CWE-22
Relative Path Traversal, Path Traversal
|
CVE-2024-32115
|
2025-01-15 00:15 |
2025-01-14 |
|
|
668
|
- |
|
-
|
-
|
An improper restriction of excessive authentication attempts [CWE-307] in FortiClientEMS version 7.2.0 through 7.2.4 and before 7.0.10 allows an unauthenticated attacker to try a brute force attack a…
New
|
CWE-307
Improper Restriction of Excessive Authentication Attempts
|
CVE-2024-23106
|
2025-01-15 00:15 |
2025-01-14 |
|
|
669
|
- |
|
-
|
-
|
A stack-based buffer overflow in Fortinet FortiWeb versions 7.2.0 through 7.2.7, and 7.4.0 through 7.4.1 may allow a privileged user to execute arbitrary code via specially crafted CLI commands, prov…
New
|
CWE-121, CWE-120
Stack-based Buffer Overflow, Classic Buffer Overflow
|
CVE-2024-21758
|
2025-01-15 00:15 |
2025-01-14 |
|
|
670
|
- |
|
-
|
-
|
An improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability [CWE-88] in FortiVoice Enterprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenti…
New
|
CWE-89
SQL Injection
|
CVE-2023-37931
|
2025-01-15 00:15 |
2025-01-14 |
|
|