|
313391
|
- |
|
-
|
-
|
An IDOR (Insecure Direct Object Reference) vulnerability has been discovered in AbsysNet, affecting version 2.3.1. This vulnerability could allow a remote attacker to obtain the session of an unauthe…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-11318
|
2024-11-19 02:11 |
2024-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313392
|
- |
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Egebilgi Software Website Template allows SQL Injection.This issue affects Website Template: befo…
|
CWE-89
SQL Injection
|
CVE-2024-3370
|
2024-11-19 02:11 |
2024-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313393
|
- |
|
-
|
-
|
Firebase JavaScript SDK utilizes a "FIREBASE_DEFAULTS" cookie to store configuration data, including an "_authTokenSyncURL" field used for session synchronization. If this cookie field is preset via…
|
-
|
CVE-2024-11023
|
2024-11-19 02:11 |
2024-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313394
|
- |
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communicat…
|
-
|
CVE-2020-3532
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313395
|
6.1 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Small Business RV042 Dual WAN VPN Routers and Cisco Small Business RV042G Dual Gigabit WAN VPN Routers could allow an unauthen…
|
CWE-79
Cross-site Scripting
|
CVE-2020-3431
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313396
|
- |
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could a…
|
CWE-79
Cross-site Scripting
|
CVE-2020-3420
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313397
|
8.6 |
HIGH
Network
|
-
|
-
|
A vulnerability in the SSL/TLS handler of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause the affected device to reload unexpectedly, le…
|
CWE-457
Use of Uninitialized Variable
|
CVE-2020-27124
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313398
|
- |
|
-
|
-
|
A vulnerability in system file transfer functions of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to gain escalated privileges on the underlying operating system.
…
|
CWE-250
Execution with Unnecessary Privileges
|
CVE-2020-26074
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313399
|
7.5 |
HIGH
Network
|
-
|
-
|
A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to gain access to sensitive information.
The vulnerability is …
|
CWE-35
Path Traversal: '.../...//'
|
CVE-2020-26073
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313400
|
7.1 |
HIGH
Network
|
-
|
-
|
A low privileged remote attacker may modify the BACNet service properties due to incorrect permission assignment for critical resources which may lead to a DoS limited to BACNet communication.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-41974
|
2024-11-19 02:11 |
2024-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
