|
2321
|
- |
|
-
|
-
|
An OS command injection (CWE-78) vulnerability in FortiWAN version 4.5.7 and below Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to ro…
|
CWE-78
OS Command
|
CVE-2021-26115
|
2024-12-19 20:15 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2322
|
- |
|
-
|
-
|
An execution with unnecessary privileges vulnerability in the VCM engine of FortiClient for Linux versions 6.2.7 and below, version 6.4.0. may allow local users to elevate their privileges to root by…
|
CWE-269
Improper Privilege Management
|
CVE-2020-15934
|
2024-12-19 20:15 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2323
|
- |
|
-
|
-
|
Under non-default configuration, a stack-based buffer overflow in FortiOS version 6.0.10 and below, version 5.6.12 and below may allow a remote attacker authenticated to the SSL VPN to crash the Fort…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2020-12820
|
2024-12-19 20:15 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2324
|
- |
|
-
|
-
|
Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android and iOS allows remote attacker to control devices owned by other users via changing "device", "sku" and …
|
-
|
CVE-2023-4617
|
2024-12-19 19:15 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2325
|
- |
|
-
|
-
|
Netskope was made aware of a security vulnerability in Netskope Endpoint DLP’s Content Control Driver where a double-fetch issue leads to heap overflow. The vulnerability arises from the fact that th…
|
-
|
CVE-2024-11616
|
2024-12-19 19:15 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2326
|
- |
|
-
|
-
|
External Control of File Name or Path vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malici…
|
CWE-73
External Control of File Name or Path
|
CVE-2024-4230
|
2024-12-19 17:17 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2327
|
- |
|
-
|
-
|
Incorrect Default Permissions vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malicious loca…
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-4229
|
2024-12-19 17:17 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2328
|
- |
|
-
|
-
|
An access of uninitialized pointer (CWE-824) vulnerability in FortiWLC versions 8.6.0, 8.5.3 and earlier may allow a local and authenticated attacker to crash the access point being managed by the co…
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2021-26093
|
2024-12-19 17:15 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2329
|
- |
|
-
|
-
|
A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2020-12819
|
2024-12-19 17:15 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2330
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.5 via the 'btn_bloc…
|
CWE-200
Information Exposure
|
CVE-2024-12560
|
2024-12-19 16:15 |
2024-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
