|
256111
|
- |
|
-
|
-
|
A host header injection vulnerability in Staff Appraisal System v1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This will allow attac…
|
-
|
CVE-2024-42915
|
2024-08-24 03:35 |
2024-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256112
|
- |
|
-
|
-
|
DrayTek Vigor 3900 before v1.5.1.5_Beta, DrayTek Vigor 2960 before v1.5.1.5_Beta and DrayTek Vigor 300B before v1.5.1.5_Beta were discovered to contain a command injection vulnerability via the actio…
|
-
|
CVE-2024-43027
|
2024-08-24 03:35 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256113
|
7.5 |
HIGH
Network
|
axios
|
axios
|
axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2024-39338
|
2024-08-24 03:35 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256114
|
6.5 |
MEDIUM
Network
|
siemens
|
ruggedcom_rm1224_lte\(4g\)_eu_firmware
ruggedcom_rm1224_lte\(4g\)_nam_firmware
scalance_m804pb_firmware
scalance_m826-2_shdsl-router_firmware
scalance_m874-2_firmware
scalance_m874-3_f…
|
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-41978
|
2024-08-24 03:34 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256115
|
- |
|
-
|
-
|
autMan v2.9.6 allows attackers to bypass authentication via a crafted web request.
|
-
|
CVE-2024-43032
|
2024-08-24 03:15 |
2024-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256116
|
- |
|
-
|
-
|
autMan v2.9.6 was discovered to contain an access control issue.
|
-
|
CVE-2024-43031
|
2024-08-24 03:15 |
2024-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256117
|
7.5 |
HIGH
Network
|
cisco
|
spa_301_firmware
spa_303_firmware
spa_501g_firmware
spa_502g_firmware
spa_504g_firmware
spa_508g_firmware
spa_509g_firmware
spa_512g_firmware
spa_514g_firmware
spa_525g_fir…
|
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote …
|
NVD-CWE-noinfo
|
CVE-2024-20451
|
2024-08-24 03:14 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256118
|
9.8 |
CRITICAL
Network
|
cisco
|
spa_301_firmware
spa_303_firmware
spa_501g_firmware
spa_502g_firmware
spa_504g_firmware
spa_508g_firmware
spa_509g_firmware
spa_512g_firmware
spa_514g_firmware
spa_525g_fir…
|
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote …
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-20450
|
2024-08-24 03:14 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256119
|
9.8 |
CRITICAL
Network
|
cisco
|
spa_301_firmware
spa_303_firmware
spa_501g_firmware
spa_502g_firmware
spa_504g_firmware
spa_508g_firmware
spa_509g_firmware
spa_512g_firmware
spa_514g_firmware
spa_525g_fir…
|
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote …
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-20454
|
2024-08-24 03:13 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256120
|
6.5 |
MEDIUM
Network
|
enphase
|
iq_gateway_firmware
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability through a url parameter in Enphase IQ Gateway (formerly known as Envoy) allows File Manipulation. The endp…
|
CWE-22
Path Traversal
|
CVE-2024-21877
|
2024-08-24 03:06 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
