|
313891
|
8.1 |
HIGH
Network
|
zyxel
|
zld_firmware
|
A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) s…
|
CWE-78
OS Command
|
CVE-2024-42057
|
2024-09-5 23:40 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313892
|
6.1 |
MEDIUM
Network
|
semtekyazilim
|
semtek_sempos
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Semtek Informatics Software Consulting Inc. Semtek Sempos allows Reflected XSS.This issue affects…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7077
|
2024-09-5 23:39 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313893
|
9.8 |
CRITICAL
Network
|
semtekyazilim
|
semtek_sempos
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Semtek Informatics Software Consulting Inc. Semtek Sempos allows Blind SQL Injection.This issue a…
|
CWE-89
SQL Injection
|
CVE-2024-7076
|
2024-09-5 23:39 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313894
|
7.5 |
HIGH
Network
|
zyxel
|
zld_firmware
|
A null pointer dereference vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware ver…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-42058
|
2024-09-5 23:39 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313895
|
4.3 |
MEDIUM
Network
|
discourse
|
discourse_calendar
|
discourse-calendar is a discourse plugin which adds the ability to create a dynamic calendar in the first post of a topic. The limit on region value length is too generous. This allows a malicious ac…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-21658
|
2024-09-5 23:39 |
2024-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313896
|
5.4 |
MEDIUM
Network
|
azurecurve
|
toggle_show\/hide
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in azurecurve azurecurve Toggle Show/Hide allows Stored XSS.This issue affects azurecurve Tog…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43961
|
2024-09-5 23:39 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313897
|
9.8 |
CRITICAL
Network
|
semtekyazilim
|
semtek_sempos
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Semtek Informatics Software Consulting Inc. Semtek Sempos allows SQL Injection.This issue affects…
|
CWE-89
SQL Injection
|
CVE-2024-7078
|
2024-09-5 23:38 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313898
|
7.2 |
HIGH
Network
|
zyxel
|
zld_firmware
|
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V5.00 through V5.38, USG FLEX series firmware versions from V5.00 through V5.38, USG FLEX 50(W) series…
|
CWE-78
OS Command
|
CVE-2024-42059
|
2024-09-5 23:38 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313899
|
7.2 |
HIGH
Network
|
zyxel
|
zld_firmware
|
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series…
|
CWE-78
OS Command
|
CVE-2024-42060
|
2024-09-5 23:37 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313900
|
- |
|
-
|
-
|
Webmin before 2.202 and Virtualmin before 7.20.2 allow a network traffic loop via spoofed UDP packets on port 10000.
|
-
|
CVE-2024-45692
|
2024-09-5 23:35 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
