|
315111
|
7.2 |
HIGH
Network
|
zyxel
|
zld_firmware
|
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V5.00 through V5.38, USG FLEX series firmware versions from V5.00 through V5.38, USG FLEX 50(W) series…
|
CWE-78
OS Command
|
CVE-2024-42059
|
2024-09-5 23:38 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315112
|
7.2 |
HIGH
Network
|
zyxel
|
zld_firmware
|
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series…
|
CWE-78
OS Command
|
CVE-2024-42060
|
2024-09-5 23:37 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315113
|
- |
|
-
|
-
|
Webmin before 2.202 and Virtualmin before 7.20.2 allow a network traffic loop via spoofed UDP packets on port 10000.
|
-
|
CVE-2024-45692
|
2024-09-5 23:35 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315114
|
4.9 |
MEDIUM
Network
|
zyxel
|
zld_firmware
|
A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series fi…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-6343
|
2024-09-5 23:35 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315115
|
7.2 |
HIGH
Network
|
zyxel
|
zld_firmware
|
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.60 through V5.38 and USG FLEX series firmware versions from V4.60 through V5.38 could allow an auth…
|
CWE-78
OS Command
|
CVE-2024-7203
|
2024-09-5 23:33 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315116
|
6.1 |
MEDIUM
Network
|
zyxel
|
zld_firmware
|
A reflected cross-site scripting (XSS) vulnerability in the CGI program "dynamic_script.cgi" of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-42061
|
2024-09-5 23:32 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315117
|
9.8 |
CRITICAL
Network
|
linen
|
linen
|
Linen before cd37c3e does not verify that the domain is linen.dev or www.linen.dev when resetting a password. This occurs in create in apps/web/pages/api/forgot-password/index.ts.
|
NVD-CWE-Other
|
CVE-2024-45522
|
2024-09-5 23:29 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315118
|
7.5 |
HIGH
Network
|
linuxfoundation
rdkcentral
google
|
yocto
rdk-b
android
|
In wlan, there is a possible denial of service due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not nee…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2024-20089
|
2024-09-5 23:28 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315119
|
4.4 |
MEDIUM
Local
|
google
|
android
|
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not n…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-20088
|
2024-09-5 23:27 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315120
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not neede…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-20087
|
2024-09-5 23:26 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
