|
313211
|
3.1 |
LOW
Network
|
keyfactor
|
ejbca
|
The CMP CLI client in KeyFactor EJBCA before 8.3.1 has only 6 octets of salt, and is thus not compliant with the security requirements of RFC 4211, and might make man-in-the-middle attacks easier. CM…
|
NVD-CWE-noinfo
|
CVE-2024-36066
|
2024-09-19 05:28 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313212
|
7.8 |
HIGH
Local
|
wibu
|
wibukey
|
An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70. An improper bounds check allows crafted packets to cause an arbitrary address write, resulting in ke…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-45181
|
2024-09-19 05:26 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313213
|
6.1 |
MEDIUM
Network
|
discourse
|
calendar
|
Discourse Calendar plugin adds the ability to create a dynamic calendar in the first post of a topic to Discourse. Rendering event names can be susceptible to XSS attacks. This vulnerability only aff…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45303
|
2024-09-19 05:25 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313214
|
6.1 |
MEDIUM
Network
|
eclipse
|
glassfish
|
In Eclipse Glassfish versions prior to 7.0.10, a URL redirection vulnerability to untrusted sites existed.
This vulnerability is caused by the vulnerability (CVE-2023-41080) in the Apache code includ…
|
CWE-601
Open Redirect
|
CVE-2024-8646
|
2024-09-19 05:20 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313215
|
6.5 |
MEDIUM
Network
|
reedos
|
aim-star
|
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper access controls on its certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulat…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-45786
|
2024-09-19 05:12 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313216
|
7.5 |
HIGH
Network
|
reedos
|
aim-star
|
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing rate limiting on OTP requests in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by …
|
NVD-CWE-Other
|
CVE-2024-45788
|
2024-09-19 04:57 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313217
|
4.3 |
MEDIUM
Network
|
reedos
|
aim-star
|
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper validation of the ‘mode’ parameter in the API endpoint used during the registration process. An authenticated remote attacke…
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2024-45789
|
2024-09-19 04:55 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313218
|
7.8 |
HIGH
Local
|
schneider-electric
|
vijeo_designer_embedded_in_ecostruxure_machine_expert
vijeo_designer
|
CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized
access, loss of confidentiality, integrity and availability of the workstation when non-admin
authenticated u…
|
NVD-CWE-noinfo
|
CVE-2024-8306
|
2024-09-19 04:51 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313219
|
6.7 |
MEDIUM
Local
|
dell
|
latitude_5290_2-in-1_firmware
precision_3420_tower_firmware
precision_3620_firmware
wyse_7040_thin_client_firmware
precision_7720_firmware
precision_7520_firmware
precision_5530_2-i…
|
Dell BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading …
|
NVD-CWE-noinfo
|
CVE-2024-38483
|
2024-09-19 04:19 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313220
|
7.8 |
HIGH
Local
|
adobe
|
audition
|
Audition versions 24.4.1, 23.6.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of thi…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-39378
|
2024-09-19 04:16 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
