|
314711
|
5.9 |
MEDIUM
Network
|
ibm
|
sterling_connect_direct_web_services
|
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2024-39746
|
2024-08-24 00:25 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314712
|
7.5 |
HIGH
Network
|
ibm
|
sterling_connect_direct_web_services
|
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2024-39745
|
2024-08-24 00:25 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314713
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_connect_direct_web_services
|
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted fro…
|
CWE-352
Origin Validation Error
|
CVE-2024-39744
|
2024-08-24 00:25 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314714
|
5.3 |
MEDIUM
Network
|
youdiancms
|
youdiancms
|
A vulnerability, which was classified as problematic, has been found in YouDianCMS 7. This issue affects some unknown processing of the file /t.php?action=phpinfo. The manipulation leads to informati…
|
NVD-CWE-noinfo
|
CVE-2024-7328
|
2024-08-24 00:25 |
2024-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314715
|
5.4 |
MEDIUM
Network
|
cisco
|
identity_services_engine
|
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface.
This vulnerability is due…
|
CWE-79
Cross-site Scripting
|
CVE-2024-20443
|
2024-08-24 00:18 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314716
|
4.8 |
MEDIUM
Network
|
cisco
|
identity_services_engine
|
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface.
This vulnerability is due…
|
CWE-79
Cross-site Scripting
|
CVE-2024-20479
|
2024-08-24 00:14 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314717
|
5.3 |
MEDIUM
Network
|
hp
|
instantos
|
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results…
|
NVD-CWE-noinfo
|
CVE-2024-42396
|
2024-08-24 00:07 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314718
|
5.3 |
MEDIUM
Network
|
arubanetworks
hp
|
arubaos
instantos
|
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to…
|
NVD-CWE-noinfo
|
CVE-2024-42400
|
2024-08-24 00:06 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314719
|
5.3 |
MEDIUM
Network
|
arubanetworks
hp
|
arubaos
instantos
|
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to…
|
NVD-CWE-noinfo
|
CVE-2024-42399
|
2024-08-24 00:06 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314720
|
5.3 |
MEDIUM
Network
|
arubanetworks
hp
|
arubaos
instantos
|
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to…
|
NVD-CWE-noinfo
|
CVE-2024-42398
|
2024-08-24 00:06 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
