|
307281
|
7.5 |
HIGH
Network
|
xwiki
|
pdf_viewer_macro
|
macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The PDF Viewer macro allows an attacker to view any attachment using the "Delegate my view right" feature as long as the attacker…
|
NVD-CWE-noinfo
|
CVE-2024-52298
|
2024-11-19 02:29 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307282
|
8.1 |
HIGH
Network
|
mayurik
|
hospital_management_system
|
A vulnerability classified as problematic has been found in SourceCodester Hospital Management System 1.0. This affects an unknown part of the file /vm/patient/delete-account.php. The manipulation of…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-11073
|
2024-11-19 02:21 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307283
|
5.5 |
MEDIUM
Local
|
isellerpal
|
enterprise_resource_management_system
|
An issue in Huizhi enterprise resource management system v.1.0 and before allows a local attacker to obtain sensitive information via the /nssys/common/filehandle. Aspx component
|
NVD-CWE-noinfo
|
CVE-2024-42677
|
2024-11-19 02:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307284
|
- |
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a directory traversal attack and obtain read access to …
|
-
|
CVE-2021-1465
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307285
|
4.6 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in a certain REST API endpoint of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to perform a path traversal attack on an affecte…
|
-
|
CVE-2020-3538
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307286
|
- |
|
-
|
-
|
A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to elevate privileges on an affected system. To exploit this vulnerability, an attacker w…
|
CWE-20
Improper Input Validation
|
CVE-2021-1462
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307287
|
6.1 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote at…
|
CWE-79
Cross-site Scripting
|
CVE-2021-1444
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307288
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access…
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2021-1425
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307289
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organiz…
|
CWE-284
Improper Access Control
|
CVE-2021-1410
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307290
|
6.5 |
MEDIUM
Adjacent
|
-
|
-
|
Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) implementations for Cisco IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, ad…
|
CWE-120
Classic Buffer Overflow
|
CVE-2021-1379
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
