|
307611
|
5.4 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack …
|
CWE-79
Cross-site Scripting
|
CVE-2024-20403
|
2024-11-6 01:12 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307612
|
6.1 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attac…
|
CWE-79
Cross-site Scripting
|
CVE-2024-20409
|
2024-11-6 01:11 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307613
|
6.1 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attac…
|
CWE-79
Cross-site Scripting
|
CVE-2024-20410
|
2024-11-6 01:08 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307614
|
5.3 |
MEDIUM
Network
|
cisco
|
firepower_management_center
firepower_threat_defense
|
A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device.…
|
NVD-CWE-Other
|
CVE-2024-20388
|
2024-11-6 01:07 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307615
|
6.1 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS…
|
CWE-79
Cross-site Scripting
|
CVE-2024-20386
|
2024-11-6 01:05 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307616
|
- |
|
-
|
-
|
D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the HostName parameter in the SetWanSettings function. This vulnerability allows attackers to execute arbitrar…
|
-
|
CVE-2024-51024
|
2024-11-6 01:04 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307617
|
- |
|
-
|
-
|
D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the Address parameter in the SetNetworkTomographySettings function. This vulnerability allows attackers to exe…
|
-
|
CVE-2024-51023
|
2024-11-6 01:04 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307618
|
- |
|
-
|
-
|
Zope AccessControl provides a general security framework for use in Zope. In affected versions anonymous users can delete the user data maintained by an `AccessControl.userfolder.UserFolder` which ma…
|
CWE-284
Improper Access Control
|
CVE-2024-51734
|
2024-11-6 01:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307619
|
- |
|
-
|
-
|
Meshtastic firmware is a device firmware for the Meshtastic project. The Meshtastic firmware does not check for packets claiming to be from the special broadcast address (0xFFFFFFFF) which could resu…
|
CWE-138
CWE-159
Improper Neutralization of Special Elements
Improper Handling of Invalid Use of Special Elements
|
CVE-2024-51500
|
2024-11-6 01:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307620
|
- |
|
-
|
-
|
gaizhenbiao/chuanhuchatgpt project, version <=20240802 is vulnerable to stored Cross-Site Scripting (XSS) in WebSocket session transmission. An attacker can inject malicious content into a WebSocket …
|
-
|
CVE-2024-48059
|
2024-11-6 01:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
