|
314101
|
- |
|
-
|
-
|
The Mirai botnet through 2024-08-19 mishandles simultaneous TCP connections to the CNC (command and control) server. Unauthenticated sessions remain open, causing resource consumption. For example, a…
|
-
|
CVE-2024-45163
|
2024-08-23 00:35 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314102
|
- |
|
-
|
-
|
Hotel Management System commit 91caab8 was discovered to contain a SQL injection vulnerability via the book_id parameter at admin_room_history.php.
|
-
|
CVE-2024-42552
|
2024-08-23 00:35 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314103
|
9.8 |
CRITICAL
Network
|
secom
|
dr.id_access_control
|
Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database cont…
|
CWE-89
SQL Injection
|
CVE-2024-7731
|
2024-08-22 23:40 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314104
|
9.8 |
CRITICAL
Network
|
traccar
|
traccar
|
Use of Default Credentials vulnerability in Tananaev Solutions Traccar Server on Administrator Panel modules allows Authentication Abuse.This issue affects the privileged transactions implemented by …
|
CWE-287
Improper Authentication
|
CVE-2024-7746
|
2024-08-22 23:40 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314105
|
5.5 |
MEDIUM
Local
|
fortinet
|
fortios
|
An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14 and 6.4.x may allow an attacker who has already successfully obtained wri…
|
NVD-CWE-Other
|
CVE-2024-36505
|
2024-08-22 23:36 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314106
|
- |
|
-
|
-
|
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Data is transferred over a raw socket without any authentication mechanism. Thus, communication endpoints are not verifiable.
|
-
|
CVE-2024-45168
|
2024-08-22 23:35 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314107
|
- |
|
-
|
-
|
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a me…
|
-
|
CVE-2024-45166
|
2024-08-22 23:35 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314108
|
9.8 |
CRITICAL
Network
|
arajajyothibabu
|
school_management_system
|
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at dtmarks.php.
|
CWE-89
SQL Injection
|
CVE-2024-42573
|
2024-08-22 23:35 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314109
|
7.8 |
HIGH
Local
|
fortinet
|
fortimanager
fortianalyzer
|
A unverified password change in Fortinet FortiManager versions 7.0.0 through 7.0.10, versions 7.2.0 through 7.2.4, and versions 7.4.0 through 7.4.1, as well as Fortinet FortiAnalyzer versions 7.0.0 t…
|
NVD-CWE-Other
|
CVE-2024-21757
|
2024-08-22 23:34 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314110
|
9.0 |
CRITICAL
Network
|
fortinet
|
fortisoar
|
An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSOAR 7.3.0 through 7.3.2 allows an authenticated, remote attacker to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2023-26211
|
2024-08-22 23:33 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
