|
313221
|
- |
|
-
|
-
|
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Data is transferred over a raw socket without any authentication mechanism. Thus, communication endpoints are not verifiable.
|
-
|
CVE-2024-45168
|
2024-08-22 23:35 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313222
|
- |
|
-
|
-
|
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a me…
|
-
|
CVE-2024-45166
|
2024-08-22 23:35 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313223
|
9.8 |
CRITICAL
Network
|
arajajyothibabu
|
school_management_system
|
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at dtmarks.php.
|
CWE-89
SQL Injection
|
CVE-2024-42573
|
2024-08-22 23:35 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313224
|
7.8 |
HIGH
Local
|
fortinet
|
fortimanager
fortianalyzer
|
A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, as well as Fortinet FortiAnalyzer versions 7.0.0 t…
|
NVD-CWE-Other
|
CVE-2024-21757
|
2024-08-22 23:34 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313225
|
9.0 |
CRITICAL
Network
|
fortinet
|
fortisoar
|
An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSOAR 7.3.0 through 7.3.2 allows an authenticated, remote attacker to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2023-26211
|
2024-08-22 23:33 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313226
|
8.8 |
HIGH
Network
|
fortinet
|
fortios
fortipam
fortiswitchmanager
fortiproxy
|
An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and below, 7.0 all versions, 6.4 all versions; FortiProxy 7.2 all versions, 7.0 all versions; FortiPAM 1.3 al…
|
CWE-613
Insufficient Session Expiration
|
CVE-2022-45862
|
2024-08-22 23:32 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313227
|
7.8 |
HIGH
Local
|
fortinet
|
fortiddos-f
fortiddos
|
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiDDoS version 5.5.0 through 5.5.1, 5.4.2 through 5.4.0, 5.3.0 through 5.3.1, 5.2.0, 5.1.0,…
|
CWE-78
OS Command
|
CVE-2022-27486
|
2024-08-22 23:29 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313228
|
7.1 |
HIGH
Network
|
pepperl-fuchs
|
icdm-rx\/tcp_socketserver_firmware
profinet_firmware
profinet\/modbus_firmware
modbus_router_firmware
modbus_server_firmware
modbus_tcp_firmware
ethernet\/ip_firmware
eip\/modbus…
|
An unauthenticated remote attacker may use a reflected XSS vulnerability to obtain information from a user or reboot the affected device once.
|
CWE-79
Cross-site Scripting
|
CVE-2024-5849
|
2024-08-22 22:39 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313229
|
7.1 |
HIGH
Network
|
pepperl-fuchs
|
icdm-rx\/tcp_socketserver_firmware
profinet_firmware
profinet\/modbus_firmware
modbus_router_firmware
modbus_server_firmware
modbus_tcp_firmware
ethernet\/ip_firmware
eip\/modbus…
|
An unauthenticated remote attacker may use stored XSS vulnerability to obtain information from a user or reboot the affected device once.
|
CWE-79
Cross-site Scripting
|
CVE-2024-38502
|
2024-08-22 22:35 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313230
|
6.1 |
MEDIUM
Network
|
pepperl-fuchs
|
icdm-rx\/tcp_socketserver_firmware
profinet_firmware
profinet\/modbus_firmware
modbus_router_firmware
modbus_server_firmware
modbus_tcp_firmware
ethernet\/ip_firmware
eip\/modbus…
|
An unauthenticated remote attacker may use a HTML injection vulnerability with limited length to inject malicious HTML code and gain low-privileged access on the affected device.
|
CWE-79
Cross-site Scripting
|
CVE-2024-38501
|
2024-08-22 22:34 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
