|
314871
|
7.5 |
HIGH
Network
|
cisco
|
ios
ios_xe
|
A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to relo…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-20433
|
2024-10-3 22:34 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314872
|
9.8 |
CRITICAL
Network
|
tduckcloud
|
tduckpro
|
A vulnerability classified as critical was found in TDuckCloud TDuckPro up to 6.3. Affected by this vulnerability is an unknown functionality. The manipulation leads to weak password recovery. The at…
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2024-8692
|
2024-10-3 22:17 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314873
|
7.8 |
HIGH
Local
|
cisco
|
ios_xr
|
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device.
T…
|
CWE-78
OS Command
|
CVE-2024-20398
|
2024-10-3 10:47 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314874
|
7.2 |
HIGH
Network
|
cisco
|
ios_xr
|
Multiple vulnerabilities in Cisco Routed PON Controller Software, which runs as a docker container on hardware that is supported by Cisco IOS XR Software, could allow an authenticated, remote attacke…
|
CWE-78
OS Command
|
CVE-2024-20483
|
2024-10-3 10:44 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314875
|
5.5 |
MEDIUM
Local
|
cisco
|
ios_xr
|
A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials.
This vulnerabilit…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-20489
|
2024-10-3 10:40 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314876
|
7.2 |
HIGH
Network
|
paloaltonetworks
|
pan-os
|
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as root on the firewall.
|
CWE-78
OS Command
|
CVE-2024-8686
|
2024-10-3 10:35 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314877
|
7.8 |
HIGH
Local
|
telerik
|
ui_for_wpf
|
In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a code execution attack is possible through an insecure deserialization vulnerability.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-8316
|
2024-10-3 10:01 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314878
|
5.5 |
MEDIUM
Local
|
papercut
|
papercut_ng
papercut_mf
|
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the web-print.exe process, which can incor…
|
CWE-77
Command Injection
|
CVE-2024-8405
|
2024-10-3 09:51 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314879
|
7.5 |
HIGH
Network
|
nationalkeep
|
cybermath
|
Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security Services CyberMath allows Collect Data from Common Resource Locations.This issue affects CyberMath: b…
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2024-7107
|
2024-10-3 09:39 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314880
|
6.1 |
MEDIUM
Network
|
planex
|
cs-qr10_firmware
cs-qr20_firmware
cs-qr22_firmware
cs-qr220_firmware
cs-qr300_firmware
|
Cross-site scripting vulnerability exists in the web management page of PLANEX COMMUNICATIONS network cameras. If a logged-in user accesses a specific file, an arbitrary script may be executed on the…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45836
|
2024-10-3 09:35 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
