|
319061
|
7.5 |
HIGH
Network
|
watchguard
|
single_sign-on_client
|
Improper Handling of Exceptional Conditions vulnerability in the WatchGuard Single Sign-On Client on Windows causes the client to crash while handling malformed commands. An attacker with network acc…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2024-6594
|
2024-10-2 04:41 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319062
|
9.1 |
CRITICAL
Network
|
watchguard
|
authentication_gateway
|
Incorrect Authorization vulnerability in WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows allows an attacker with network access to execute restricted management commands.
This…
|
CWE-863
Incorrect Authorization
|
CVE-2024-6593
|
2024-10-2 04:37 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319063
|
7.5 |
HIGH
Network
|
circutor
|
q-smt_firmware
|
An attacker with access to the network where CIRCUTOR Q-SMT is located in its firmware version 1.0.4, could steal the tokens used on the web, since these have no expiration date to access the web app…
|
CWE-613
Insufficient Session Expiration
|
CVE-2024-8888
|
2024-10-2 04:30 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319064
|
7.8 |
HIGH
Local
|
grafana
|
alloy
|
Unquoted Search Path or Element vulnerability in Grafana Alloy on Windows allows Privilege Escalation from Local User to SYSTEM
This issue affects Alloy: before 1.3.3, from 1.4.0-rc.0 through 1.4.0-r…
|
CWE-428
Unquoted Search Path or Element
|
CVE-2024-8975
|
2024-10-2 04:20 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319065
|
7.8 |
HIGH
Local
|
grafana
|
agent
|
Unquoted Search Path or Element vulnerability in Grafana Agent (Flow mode) on Windows allows Privilege Escalation from Local User to SYSTEM
This issue affects Agent Flow: before 0.43.2
|
CWE-428
Unquoted Search Path or Element
|
CVE-2024-8996
|
2024-10-2 04:16 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319066
|
7.5 |
HIGH
Network
|
openslides
|
openslides
|
OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2024-22892
|
2024-10-2 04:10 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319067
|
6.5 |
MEDIUM
Network
|
ihedvall
|
mdf_library
|
Library MDF (mdflib) v2.1 is vulnerable to a heap-based buffer overread via a crafted mdf4 file is parsed using the ReadData function
|
CWE-787
Out-of-bounds Write
|
CVE-2024-41445
|
2024-10-2 04:03 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319068
|
5.5 |
MEDIUM
Local
|
devolutions
|
remote_desktop_manager
|
An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-7421
|
2024-10-2 03:36 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319069
|
9.8 |
CRITICAL
Network
|
meshtastic
|
meshtastic_firmware
|
Meshtastic is an open source, off-grid, decentralized, mesh network. Meshtastic uses MQTT to communicate over an internet connection to a shared or private MQTT Server. Nodes can communicate directly…
|
CWE-863
Incorrect Authorization
|
CVE-2024-47078
|
2024-10-2 03:29 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319070
|
8.6 |
HIGH
Network
|
circutor
|
q-smt_firmware
|
CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS) attack if an attacker with access to the web service bypasses the authentication mechanisms on the login p…
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2024-8887
|
2024-10-2 02:30 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
