|
251031
|
7.2 |
HIGH
Network
|
hitachienergy
|
tro610_firmware
tro620_firmware
tro670_firmware
|
Command injection vulnerability in the Edge Computing UI for the
TRO600 series radios that allows for the execution of arbitrary system commands. If exploited, an attacker with write access to the
we…
|
CWE-77
Command Injection
|
CVE-2024-41153
|
2024-10-31 23:37 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251032
|
5.5 |
MEDIUM
Local
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware could allow an authenticated, local attacker with low privileges to view …
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-20462
|
2024-10-31 23:35 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251033
|
8.8 |
HIGH
Network
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with low privileges to run commands as an…
|
NVD-CWE-Other
|
CVE-2024-20420
|
2024-10-31 23:35 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251034
|
6.1 |
MEDIUM
Network
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to conduct a reflected cross-site scrip…
|
NVD-CWE-Other
|
CVE-2024-20460
|
2024-10-31 23:35 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251035
|
6.5 |
MEDIUM
Network
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery…
|
CWE-352
Origin Validation Error
|
CVE-2024-20421
|
2024-10-31 23:35 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251036
|
- |
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device.
…
|
-
|
CVE-2024-20466
|
2024-10-31 23:35 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251037
|
- |
|
-
|
-
|
Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing
keys to c006Frrupt the return address, caus…
|
-
|
CVE-2021-46746
|
2024-10-31 23:35 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251038
|
5.3 |
MEDIUM
Network
|
mozilla
|
thunderbird
firefox
|
The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, an…
|
NVD-CWE-noinfo
|
CVE-2024-10460
|
2024-10-31 23:32 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251039
|
6.5 |
MEDIUM
Network
|
openc3
|
cosmos
|
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. A path traversal vulnerability inside of LocalMode's open_local_file method all…
|
CWE-22
Path Traversal
|
CVE-2024-46977
|
2024-10-31 23:15 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251040
|
6.1 |
MEDIUM
Network
|
openc3
|
cosmos
|
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. The login functionality contains a reflected cross-site scripting (XSS) vulnera…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43795
|
2024-10-31 23:15 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
