|
312241
|
5.4 |
MEDIUM
Network
|
azurecurve
|
toggle_show\/hide
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in azurecurve azurecurve Toggle Show/Hide allows Stored XSS.This issue affects azurecurve Tog…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43961
|
2024-09-5 23:39 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312242
|
9.8 |
CRITICAL
Network
|
semtekyazilim
|
semtek_sempos
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Semtek Informatics Software Consulting Inc. Semtek Sempos allows SQL Injection.This issue affects…
|
CWE-89
SQL Injection
|
CVE-2024-7078
|
2024-09-5 23:38 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312243
|
7.2 |
HIGH
Network
|
zyxel
|
zld_firmware
|
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V5.00 through V5.38, USG FLEX series firmware versions from V5.00 through V5.38, USG FLEX 50(W) series…
|
CWE-78
OS Command
|
CVE-2024-42059
|
2024-09-5 23:38 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312244
|
7.2 |
HIGH
Network
|
zyxel
|
zld_firmware
|
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series…
|
CWE-78
OS Command
|
CVE-2024-42060
|
2024-09-5 23:37 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312245
|
- |
|
-
|
-
|
Webmin before 2.202 and Virtualmin before 7.20.2 allow a network traffic loop via spoofed UDP packets on port 10000.
|
-
|
CVE-2024-45692
|
2024-09-5 23:35 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312246
|
4.9 |
MEDIUM
Network
|
zyxel
|
zld_firmware
|
A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series fi…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-6343
|
2024-09-5 23:35 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312247
|
7.2 |
HIGH
Network
|
zyxel
|
zld_firmware
|
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.60 through V5.38 and USG FLEX series firmware versions from V4.60 through V5.38 could allow an auth…
|
CWE-78
OS Command
|
CVE-2024-7203
|
2024-09-5 23:33 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312248
|
6.1 |
MEDIUM
Network
|
zyxel
|
zld_firmware
|
A reflected cross-site scripting (XSS) vulnerability in the CGI program "dynamic_script.cgi" of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-42061
|
2024-09-5 23:32 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312249
|
9.8 |
CRITICAL
Network
|
linen
|
linen
|
Linen before cd37c3e does not verify that the domain is linen.dev or www.linen.dev when resetting a password. This occurs in create in apps/web/pages/api/forgot-password/index.ts.
|
NVD-CWE-Other
|
CVE-2024-45522
|
2024-09-5 23:29 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312250
|
7.5 |
HIGH
Network
|
linuxfoundation
rdkcentral
google
|
yocto
rdk-b
android
|
In wlan, there is a possible denial of service due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not nee…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2024-20089
|
2024-09-5 23:28 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
