231 | 7.8 | HIGH | Local | siemens | solid_edge_se2024 | A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications contain an out of bounds read past the end of an allocated structure while parsing… | New | CWE-125 Out-of-bounds Read | CVE-2024-47940 | 2024-11-14 08:14 | 2024-11-12
232 | 6.5 | MEDIUM | Local | siemens | sinec_nms | A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). The affected application contains a database function, that does not properly restrict the permissions of users to write to… | New | CWE-732 Incorrect Permission Assignment for Critical Resource | CVE-2024-47808 | 2024-11-14 08:14 | 2024-11-12
233 | 7.8 | HIGH | Local | siemens | siport | A vulnerability has been identified in SIPORT (All versions < V3.4.0). The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with … | New | CWE-732 Incorrect Permission Assignment for Critical Resource | CVE-2024-47783 | 2024-11-14 08:13 | 2024-11-12
234 | 8.1 | HIGH | Network | siemens | sinec_ins | A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly invalidate sessions when the associated user is deleted or disabled or … | New | CWE-613 Insufficient Session Expiration | CVE-2024-46892 | 2024-11-14 08:13 | 2024-11-12
235 | 9.1 | CRITICAL | Network | siemens | sinec_ins | A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate input sent to specific endpoints of its web API. This could al… | New | CWE-78 OS Command | CVE-2024-46890 | 2024-11-14 08:12 | 2024-11-12
236 | 5.3 | MEDIUM | Network | siemens | sinec_ins | A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application uses hard-coded cryptographic key material to obfuscate configuration files. This could a… | New | CWE-321 Use of Hard-coded Cryptographic Key | CVE-2024-46889 | 2024-11-14 08:11 | 2024-11-12
237 | 9.9 | CRITICAL | Network | siemens | sinec_ins | A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly sanitize user provided paths for SFTP-based file up- and downloads. Thi… | New | CWE-22 Path Traversal | CVE-2024-46888 | 2024-11-14 08:11 | 2024-11-12
238 | 10.0 | CRITICAL | Network | siemens | telecontrol_server_basic | A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910-0AA31-0AE1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 256 to 1000… | New | CWE-502 Deserialization of Untrusted Data | CVE-2024-44102 | 2024-11-14 08:05 | 2024-11-12
239 | 8.8 | HIGH | Network | tenda | ac10_firmware | A vulnerability classified as critical was found in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function FUN_0044db3c of the file /goform/fast_setting_wifi_set. The manipulation of … | Update | CWE-119 Incorrect Access of Indexable Resource ('Range Error'), CWE-121 Stack-based Buffer Overflow | CVE-2024-11061 | 2024-11-14 08:04 | 2024-11-11
240 | 7.2 | HIGH | Network | surajkumarvishwakarma | real_estate_management_system | A vulnerability was found in CodeAstro Real Estate Management System up to 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /aboutedit.php of the component A… | Update | CWE-89 SQL Injection, CWE-74 Injection | CVE-2024-11058 | 2024-11-14 08:03 | 2024-11-11