|
312641
|
5.4 |
MEDIUM
Network
|
zohocorp
|
manageengine_servicedesk_plus_msp
manageengine_servicedesk_plus
manageengine_supportcenter_plus
|
Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability in remote office deploy configurations.This issue affects Endpoint Central: before 11.3.2416.04 and before 11.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-38869
|
2024-08-31 03:15 |
2024-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312642
|
9.8 |
CRITICAL
Network
|
pimax
|
play
pitool
|
Multiple Pimax products accept WebSocket connections from unintended endpoints. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker.
|
NVD-CWE-Other
|
CVE-2024-41889
|
2024-08-31 02:53 |
2024-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312643
|
8.0 |
HIGH
Adjacent
|
zexelon
|
zwx-2000csw2-hn_firmware
|
Incorrect permission assignment for critical resource issue exists in ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15, which may allow a network-adjacent authenticated attacker to alter the con…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-41720
|
2024-08-31 02:49 |
2024-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312644
|
8.8 |
HIGH
Adjacent
|
zexelon
|
zwx-2000csw2-hn_firmware
|
ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15 uses hard-coded credentials, which may allow a network-adjacent attacker with an administrative privilege to alter the configuration of the devic…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-39838
|
2024-08-31 02:49 |
2024-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312645
|
9.1 |
CRITICAL
Network
|
hamastar
|
meetinghub_paperless_meetings
|
A Plaintext Storage of a Password vulnerability in ebooknote function in Hamastar MeetingHub Paperless Meetings 2021 allows remote attackers to obtain the other users’ credentials and gain access to …
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-6118
|
2024-08-31 02:44 |
2024-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312646
|
8.8 |
HIGH
Network
|
hamastar
|
meetinghub_paperless_meetings
|
A Unrestricted upload of file with dangerous type vulnerability in meeting management function in Hamastar MeetingHub Paperless Meetings 2021 allows remote authenticated users to perform arbitrary sy…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-6117
|
2024-08-31 02:41 |
2024-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312647
|
5.3 |
MEDIUM
Network
|
in2code
|
powermail
|
An issue was discovered in powermail extension through 12.3.5 for TYPO3. It fails to validate the mail parameter of the confirmationAction, resulting in Insecure Direct Object Reference (IDOR). An un…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-45232
|
2024-08-31 01:34 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312648
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
CWE-843
Type Confusion
|
CVE-2024-8194
|
2024-08-31 01:34 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312649
|
9.8 |
CRITICAL
Network
|
in2code
|
powermail
|
An issue was discovered in powermail extension through 12.3.5 for TYPO3. Several actions in the OutputController can directly be called, due to missing or insufficiently implemented access checks, re…
|
NVD-CWE-Other
|
CVE-2024-45233
|
2024-08-31 01:33 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312650
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file
|
CWE-787
Out-of-bounds Write
|
CVE-2024-8250
|
2024-08-31 01:32 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
