|
2181
|
- |
|
-
|
-
|
A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 al…
|
CWE-321
Use of Hard-coded Cryptographic Key
|
CVE-2023-37936
|
2025-01-14 23:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2182
|
7.4 |
HIGH
Network
|
-
|
-
|
A vulnerability has been identified in Mendix LDAP (All versions < V1.1.2). Affected versions of the module are vulnerable to LDAP injection. This could allow an unauthenticated remote attacker to by…
|
CWE-90
LDAP Injection
|
CVE-2024-56841
|
2025-01-14 20:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2183
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been identified in Industrial Edge Management OS (IEM-OS) (All versions). Affected components are vulnerable to reflected cross-site scripting (XSS) attacks. This could allow an a…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45385
|
2025-01-14 20:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2184
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the row label parameter in all versions up to, and including, 2.31.0 due to insufficient input san…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12240
|
2025-01-14 20:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2185
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.80), SIPROTEC 5 6MD85 (CP300) (All versions >= V7.80 < V9.80), SIPROTEC 5 6MD86 (CP300) (All versions >= V7.80 < V9.…
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2024-53649
|
2025-01-14 20:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2186
|
7.1 |
HIGH
Network
|
-
|
-
|
A vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/DC (6ES7211-1AE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/Rly (6ES7211-…
|
CWE-352
Origin Validation Error
|
CVE-2024-47100
|
2025-01-14 20:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2187
|
- |
|
-
|
-
|
SQL Injection vulnerability exists in STEALTHONE D220/D340 provided by Y'S corporation. An attacker who can access the affected product may obtain the administrative password of the web management pa…
|
CWE-89
SQL Injection
|
CVE-2025-20620
|
2025-01-14 19:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2188
|
- |
|
-
|
-
|
OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340 provided by Y'S corporation. An attacker who can access the affected product may execute an arbitrary OS comm…
|
CWE-78
OS Command
|
CVE-2025-20055
|
2025-01-14 19:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2189
|
- |
|
-
|
-
|
OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340/D440 provided by Y'S corporation. A user with an administrative privilege who logged in to the web management…
|
CWE-78
OS Command
|
CVE-2025-20016
|
2025-01-14 19:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2190
|
9.8 |
CRITICAL
Network
-
|
-
|
The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, …
|
CWE-287
Improper Authentication
|
CVE-2024-12919
|
2025-01-14 19:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
