|
313841
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. This affects the function actionDelNetSecConfig of the file /com/esafenet/servlet/netSec/NetSecConfigService.java. The…
|
CWE-89
SQL Injection
|
CVE-2024-10135
|
2024-10-23 03:09 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313842
|
7.2 |
HIGH
Network
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Multiplatform Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with high privileges to exe…
|
CWE-78
OS Command
|
CVE-2024-20459
|
2024-10-23 03:06 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313843
|
8.2 |
HIGH
Network
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to view or delete the configuration or …
|
CWE-78
OS Command
|
CVE-2024-20458
|
2024-10-23 03:03 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313844
|
7.5 |
HIGH
Network
|
didiglobal
|
ddmq
|
A vulnerability has been found in didi DDMQ 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Console Module. The manipulation with the input…
|
CWE-863
Incorrect Authorization
|
CVE-2024-10173
|
2024-10-23 02:05 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313845
|
5.4 |
MEDIUM
Network
|
k2-service
|
product_customizer_light
|
The Product Customizer Light plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9848
|
2024-10-23 01:42 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313846
|
7.4 |
HIGH
Network
|
bitdefender
|
total_security
|
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. Specifically, if a site certificate …
|
CWE-295
Improper Certificate Validation
|
CVE-2023-6055
|
2024-10-23 01:39 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313847
|
6.8 |
MEDIUM
Network
|
bitdefender
|
total_security
|
A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning functionality where the product incorrectly checks the site's certificate, which allows an attacker to make MITM S…
|
CWE-295
Improper Certificate Validation
|
CVE-2023-49567
|
2024-10-23 01:39 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313848
|
7.4 |
HIGH
Network
|
bitdefender
|
total_security
|
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificat…
|
CWE-295
Improper Certificate Validation
|
CVE-2023-6056
|
2024-10-23 01:38 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313849
|
5.4 |
MEDIUM
Network
|
newsignature
|
wp_easy_post_types
|
The WP Easy Post Types plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post meta in versions up to, and including, 1.4.4 due to insufficient input sanitization and output escapi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10080
|
2024-10-23 01:27 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313850
|
8.8 |
HIGH
Network
|
newsignature
|
wp_easy_post_types
|
The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.4.4 via deserialization of untrusted input from the 'text' parameter in the 'ajax…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-10079
|
2024-10-23 01:27 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
