|
250451
|
6.1 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attac…
|
CWE-79
Cross-site Scripting
|
CVE-2024-20410
|
2024-11-6 01:08 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250452
|
5.3 |
MEDIUM
Network
|
cisco
|
firepower_management_center
firepower_threat_defense
|
A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device.…
|
NVD-CWE-Other
|
CVE-2024-20388
|
2024-11-6 01:07 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250453
|
6.1 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS…
|
CWE-79
Cross-site Scripting
|
CVE-2024-20386
|
2024-11-6 01:05 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250454
|
- |
|
-
|
-
|
D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the HostName parameter in the SetWanSettings function. This vulnerability allows attackers to execute arbitrar…
|
-
|
CVE-2024-51024
|
2024-11-6 01:04 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250455
|
- |
|
-
|
-
|
D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the Address parameter in the SetNetworkTomographySettings function. This vulnerability allows attackers to exe…
|
-
|
CVE-2024-51023
|
2024-11-6 01:04 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250456
|
- |
|
-
|
-
|
Zope AccessControl provides a general security framework for use in Zope. In affected versions anonymous users can delete the user data maintained by an `AccessControl.userfolder.UserFolder` which ma…
|
CWE-284
Improper Access Control
|
CVE-2024-51734
|
2024-11-6 01:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250457
|
- |
|
-
|
-
|
Meshtastic firmware is a device firmware for the Meshtastic project. The Meshtastic firmware does not check for packets claiming to be from the special broadcast address (0xFFFFFFFF) which could resu…
|
CWE-138
CWE-159
Improper Neutralization of Special Elements
Improper Handling of Invalid Use of Special Elements
|
CVE-2024-51500
|
2024-11-6 01:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250458
|
- |
|
-
|
-
|
gaizhenbiao/chuanhuchatgpt project, version <=20240802 is vulnerable to stored Cross-Site Scripting (XSS) in WebSocket session transmission. An attacker can inject malicious content into a WebSocket …
|
-
|
CVE-2024-48059
|
2024-11-6 01:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250459
|
- |
|
-
|
-
|
golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are potentially not checking errors in the way…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2024-51744
|
2024-11-6 01:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250460
|
- |
|
-
|
-
|
A Cross-Site Request Forgery (CSRF) vulnerability in Chamilo LMS 1.11.26 "/main/social/home.php," allows attackers to initiate a request that posts a fake post onto the user's social wall without the…
|
-
|
CVE-2024-30617
|
2024-11-6 01:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
