2871
|
8.8 |
HIGH
Network
|
idrsdev
|
agile-board
|
A Host header injection vulnerability in Agile-Board 1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link.
|
CWE-94
Code Injection
|
CVE-2024-51329
|
2024-11-7 04:19 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2872
|
8.1 |
HIGH
Network
|
loginizer
|
loginizer
|
The Loginizer Security and Loginizer plugins for WordPress are vulnerable to authentication bypass in all versions up to, and including, 1.9.2. This is due to insufficient verification on the user be…
|
NVD-CWE-noinfo
|
CVE-2024-10097
|
2024-11-7 04:14 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2873
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
net: micrel: Fix receiving the timestamp in the frame for lan8841
The blamed commit started to use the ptp workqueue to get the s…
|
-
|
CVE-2024-38593
|
2024-11-7 03:35 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2874
|
- |
|
-
|
-
|
OOB read in the TMU plugin that allows for memory disclosure in the power management subsystem of the device.
|
-
|
CVE-2024-22006
|
2024-11-7 03:35 |
2024-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2875
|
- |
|
-
|
-
|
The Online-Ausweis-Funktion eID scheme in the German National Identity card through 2024-02-15 allows authentication bypass by spoofing. A man-in-the-middle attacker can assume a victim's identify fo…
|
-
|
CVE-2024-23674
|
2024-11-7 03:35 |
2024-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2876
|
3.3 |
LOW
Local
|
google
|
android
|
In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification listening access due to an uncaught exception. This could lead to local escalation of privilege with no…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2023-21246
|
2024-11-7 03:35 |
2023-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2877
|
6.5 |
MEDIUM
Adjacent
|
elecom
|
wrc-1167ghbk-s_firmware wrc-1167gebk-s_firmware wrc-1167febk-s_firmware wrc-1167ghbk3-a_firmware wrc-1167febk-a_firmware
|
ELECOM wireless LAN routers are vulnerable to sensitive information exposure, which allows a network-adjacent unauthorized attacker to obtain sensitive information. Affected products and versions are…
|
NVD-CWE-noinfo
|
CVE-2023-37563
|
2024-11-7 03:35 |
2023-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2878
|
9.8 |
CRITICAL
Network
nginxui
|
nginx_ui
|
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.0.0-beta.36, when Nginx UI configures logrotate, it does not verify the input and directly passes it to exec.Command, cau…
|
NVD-CWE-noinfo
|
CVE-2024-49368
|
2024-11-7 03:28 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2879
|
- |
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct a stored XSS attack against a user of the interface.
This vulnerability …
|
CWE-79
Cross-site Scripting
|
CVE-2024-20539
|
2024-11-7 03:17 |
2024-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2880
|
- |
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface.
This vulnerability exis…
|
CWE-79
Cross-site Scripting
|
CVE-2024-20538
|
2024-11-7 03:17 |
2024-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|