|
315191
|
6.1 |
MEDIUM
Network
|
cern
|
indico
|
Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In Indico prior to version 3.3.4, corresponding to Flask-Multipass prior to version 0.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45399
|
2024-09-25 01:48 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315192
|
6.7 |
MEDIUM
Local
|
qnap
|
qvr_smart_client
|
An unquoted search path or element vulnerability has been reported to affect QVR Smart Client. If exploited, the vulnerability could allow local authenticated administrators to execute unauthorized c…
|
CWE-428
Unquoted Search Path or Element
|
CVE-2022-27592
|
2024-09-25 01:44 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315193
|
7.5 |
HIGH
Network
|
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the fid parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46580
|
2024-09-25 01:42 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315194
|
7.5 |
HIGH
Network
|
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPPPSrvNm parameter at fwuser.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted …
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46571
|
2024-09-25 01:42 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315195
|
7.5 |
HIGH
Network
|
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPeerId parameter at vpn.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46568
|
2024-09-25 01:42 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315196
|
7.5 |
HIGH
Network
|
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the iProfileIdx parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46567
|
2024-09-25 01:42 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315197
|
7.5 |
HIGH
Network
|
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the CGIbyFieldName parameter at chglog.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a cra…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46550
|
2024-09-25 01:42 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315198
|
7.2 |
HIGH
Network
|
qnap
|
qts
|
An OS command injection vulnerability has been reported to affect legacy QTS. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.
We have alre…
|
CWE-78
OS Command
|
CVE-2023-39300
|
2024-09-25 01:42 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315199
|
7.5 |
HIGH
Network
|
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPubKey parameter at dialin.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted in…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46597
|
2024-09-25 01:41 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315200
|
7.5 |
HIGH
Network
|
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sAct parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46596
|
2024-09-25 01:41 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
