|
309141
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability has been found in ESAFENET CDG 5 and classified as critical. Affected by this vulnerability is the function updateNetSecPolicyPriority of the file /com/esafenet/servlet/ajax/NetSecPol…
|
CWE-89
SQL Injection
|
CVE-2024-10133
|
2024-10-23 03:10 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309142
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. This affects the function actionDelNetSecConfig of the file /com/esafenet/servlet/netSec/NetSecConfigService.java. The…
|
CWE-89
SQL Injection
|
CVE-2024-10135
|
2024-10-23 03:09 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309143
|
7.2 |
HIGH
Network
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Multiplatform Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with high privileges to exe…
|
CWE-78
OS Command
|
CVE-2024-20459
|
2024-10-23 03:06 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309144
|
8.2 |
HIGH
Network
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to view or delete the configuration or …
|
CWE-78
OS Command
|
CVE-2024-20458
|
2024-10-23 03:03 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309145
|
7.5 |
HIGH
Network
|
didiglobal
|
ddmq
|
A vulnerability has been found in didi DDMQ 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Console Module. The manipulation with the input…
|
CWE-863
Incorrect Authorization
|
CVE-2024-10173
|
2024-10-23 02:05 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309146
|
5.4 |
MEDIUM
Network
|
k2-service
|
product_customizer_light
|
The Product Customizer Light plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9848
|
2024-10-23 01:42 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309147
|
7.4 |
HIGH
Network
|
bitdefender
|
total_security
|
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. Specifically, if a site certificate …
|
CWE-295
Improper Certificate Validation
|
CVE-2023-6055
|
2024-10-23 01:39 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309148
|
6.8 |
MEDIUM
Network
|
bitdefender
|
total_security
|
A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning functionality where the product incorrectly checks the site's certificate, which allows an attacker to make MITM S…
|
CWE-295
Improper Certificate Validation
|
CVE-2023-49567
|
2024-10-23 01:39 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309149
|
7.4 |
HIGH
Network
|
bitdefender
|
total_security
|
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificat…
|
CWE-295
Improper Certificate Validation
|
CVE-2023-6056
|
2024-10-23 01:38 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309150
|
5.4 |
MEDIUM
Network
|
newsignature
|
wp_easy_post_types
|
The WP Easy Post Types plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post meta in versions up to, and including, 1.4.4 due to insufficient input sanitization and output escapi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10080
|
2024-10-23 01:27 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
