|
307991
|
8.1 |
HIGH
Network
|
phoenixcontact
|
tc_mguard_rs4000_4g_vzw_vpn_firmware
tc_mguard_rs4000_4g_vpn_firmware
tc_mguard_rs4000_4g_att_vpn_firmware
tc_mguard_rs4000_3g_vpn_firmware
tc_mguard_rs2000_4g_vzw_vpn_firmware
tc_mgua…
|
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_PORTFORWARDING.SR…
|
NVD-CWE-noinfo
|
CVE-2024-43391
|
2024-10-1 16:15 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307992
|
8.1 |
HIGH
Network
|
phoenixcontact
|
tc_mguard_rs4000_4g_vzw_vpn_firmware
tc_mguard_rs4000_4g_vpn_firmware
tc_mguard_rs4000_4g_att_vpn_firmware
tc_mguard_rs4000_3g_vpn_firmware
tc_mguard_rs2000_4g_vzw_vpn_firmware
tc_mgua…
|
A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS.
|
NVD-CWE-noinfo
|
CVE-2024-43390
|
2024-10-1 16:15 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307993
|
8.1 |
HIGH
Network
|
phoenixcontact
|
tc_mguard_rs4000_4g_vzw_vpn_firmware
tc_mguard_rs4000_4g_vpn_firmware
tc_mguard_rs4000_4g_att_vpn_firmware
tc_mguard_rs4000_3g_vpn_firmware
tc_mguard_rs2000_4g_vzw_vpn_firmware
tc_mgua…
|
A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS.
|
NVD-CWE-noinfo
|
CVE-2024-43389
|
2024-10-1 16:15 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307994
|
- |
|
-
|
-
|
The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malf…
|
-
|
CVE-2024-8445
|
2024-10-1 15:15 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307995
|
6.1 |
MEDIUM
Network
|
doverfuelingsolutions
|
progauge_maglink_lx_console_firmware
progauge_maglink_lx4_console_firmware
|
ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input
fields that are used to render pages which may allow cross site
scripting.
|
CWE-79
Cross-site Scripting
|
CVE-2024-41725
|
2024-10-1 04:55 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307996
|
5.5 |
MEDIUM
Local
|
apple
|
macos
iphone_os
ipados
watchos
|
A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in iOS 18 and iPadOS 18, watchOS 11, macOS Sequoia 15. An app may be able to access user-sensitiv…
|
NVD-CWE-noinfo
|
CVE-2024-44170
|
2024-10-1 04:48 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307997
|
5.3 |
MEDIUM
Network
|
scriptcase
|
scriptcase
|
Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat/nm_edit_php_edit.php (in the “subpage” parameter), which allows unauthenticated remote users to bypass Security…
|
CWE-22
Path Traversal
|
CVE-2024-8941
|
2024-10-1 04:45 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307998
|
7.5 |
HIGH
Network
|
kastle
|
access_control_system_firmware
|
Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information.
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-45862
|
2024-10-1 04:33 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307999
|
7.5 |
HIGH
Network
|
kastle
|
access_control_system_firmware
|
Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if accessed may allow an attacker to access sensitive information.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-45861
|
2024-10-1 04:25 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308000
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Rejected reason: Duplicate of CVE-2024-45806.
|
-
|
CVE-2024-7207
|
2024-10-1 04:15 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
