|
307571
|
7.8 |
HIGH
Local
|
synology
|
drive_client
|
Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component in Synology Drive Client before 3.3.0-15082 allows local users to execute arbitrary code via unspecifie…
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2022-49038
|
2024-10-9 01:08 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307572
|
6.5 |
MEDIUM
Network
|
synology
|
drive_client
|
Insertion of sensitive information into log file vulnerability in proxy settings component in Synology Drive Client before 3.3.0-15082 allows remote authenticated users to obtain sensitive informatio…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2022-49037
|
2024-10-9 01:08 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307573
|
6.7 |
MEDIUM
Local
|
cisco
|
telepresence_video_communication_server
|
A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate pri…
|
CWE-77
Command Injection
|
CVE-2024-20492
|
2024-10-9 01:07 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307574
|
4.4 |
MEDIUM
Local
|
synology
|
drive_client
|
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in connection management functionality in Synology Drive Client before 3.4.0-15721 allows local users with adminis…
|
CWE-120
Classic Buffer Overflow
|
CVE-2022-49040
|
2024-10-9 01:07 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307575
|
4.4 |
MEDIUM
Local
|
synology
|
drive_client
|
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with admini…
|
CWE-120
Classic Buffer Overflow
|
CVE-2022-49041
|
2024-10-9 01:06 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307576
|
5.4 |
MEDIUM
Network
|
cisco
|
nexus_dashboard
nexus_dashboard_fabric_controller
|
A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to upload or delete files on an affected device.
This vulnerability exis…
|
CWE-862
Missing Authorization
|
CVE-2024-20477
|
2024-10-9 01:00 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307577
|
8.2 |
HIGH
Network
|
synology
|
drive_client
|
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service component in Synology Drive Client before 3.5.0-16084 allows remote attackers to overwrite trivial …
|
CWE-120
Classic Buffer Overflow
|
CVE-2023-52946
|
2024-10-9 00:55 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307578
|
8.6 |
HIGH
Network
|
cisco
|
nexus_dashboard_orchestrator
nexus_dashboard_insights
nexus_dashboard_fabric_controller
|
A vulnerability in a logging function of Cisco Nexus Dashboard Insights could allow an attacker with access to a tech support file to view sensitive information.
This vulnerability exists because …
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-20491
|
2024-10-9 00:55 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307579
|
9.8 |
CRITICAL
Network
|
deltaww
|
diaenergie
|
Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx. An unauthenticated attacker may be able to exploit this issue to obtain records contained in the target…
|
CWE-89
SQL Injection
|
CVE-2024-43699
|
2024-10-9 00:44 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307580
|
8.8 |
HIGH
Network
|
deltaww
|
diaenergie
|
Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An authenticated attacker may be able to exploit this issue to cause delay in the targeted product.
|
CWE-89
SQL Injection
|
CVE-2024-42417
|
2024-10-9 00:43 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
