|
303431
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the cluster management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. To be af…
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2021-1234
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303432
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of an af…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2021-1232
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303433
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the API subsystem and in the web-management interface of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to access sensitive data.
T…
|
CWE-35
Path Traversal: '.../...//'
|
CVE-2021-1132
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303434
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the Transport Layer Security (TLS) protocol implementation of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attac…
|
CWE-407
Inefficient Algorithmic Complexity
|
CVE-2020-3548
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303435
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authori…
|
CWE-285
Improper Authorization
|
CVE-2020-3539
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303436
|
- |
|
-
|
-
|
There exists a stored XSS Vulnerability in Kubeflow Pipeline View web UI. The Kubeflow Web UI allows to create new pipelines. When creating a new pipeline, it is possible to add a description. The de…
|
-
|
CVE-2024-9526
|
2024-11-19 02:11 |
2024-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303437
|
- |
|
-
|
-
|
Execution with Unnecessary Privileges, : Improper Protection of Alternate Path vulnerability in TR7 Application Security Platform (ASP) allows Privilege Escalation, -Privilege Abuse.This issue affect…
|
CWE-250
CWE-424
Execution with Unnecessary Privileges
Improper Protection of Alternate Path
|
CVE-2024-8781
|
2024-11-19 02:11 |
2024-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303438
|
- |
|
-
|
-
|
An IDOR (Insecure Direct Object Reference) vulnerability has been discovered in AbsysNet, affecting version 2.3.1. This vulnerability could allow a remote attacker to obtain the session of an unauthe…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-11318
|
2024-11-19 02:11 |
2024-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303439
|
- |
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Egebilgi Software Website Template allows SQL Injection.This issue affects Website Template: befo…
|
CWE-89
SQL Injection
|
CVE-2024-3370
|
2024-11-19 02:11 |
2024-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303440
|
- |
|
-
|
-
|
Firebase JavaScript SDK utilizes a "FIREBASE_DEFAULTS" cookie to store configuration data, including an "_authTokenSyncURL" field used for session synchronization. If this cookie field is preset via…
|
-
|
CVE-2024-11023
|
2024-11-19 02:11 |
2024-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
