|
306861
|
8.1 |
HIGH
Network
|
-
|
-
|
A low privileged remote attacker may modify the boot mode configuration setup of the device, leading to modification of the firmware upgrade process or a denial-of-service attack.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-41967
|
2024-11-19 02:11 |
2024-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306862
|
- |
|
-
|
-
|
The CM Table Of Contents WordPress plugin before 1.2.3 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin perform such action via a …
|
-
|
CVE-2024-5030
|
2024-11-19 02:11 |
2024-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306863
|
- |
|
-
|
-
|
An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24697. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Sit…
|
-
|
CVE-2024-52943
|
2024-11-19 02:11 |
2024-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306864
|
- |
|
-
|
-
|
An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24696. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Sit…
|
-
|
CVE-2024-52942
|
2024-11-19 02:11 |
2024-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306865
|
- |
|
-
|
-
|
An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24695. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Sit…
|
-
|
CVE-2024-52941
|
2024-11-19 02:11 |
2024-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306866
|
- |
|
-
|
-
|
A flaw was found in GNOME Maps, which is vulnerable to a code injection attack via its service.json configuration file. If the configuration file is malicious, it may execute arbitrary code.
|
-
|
CVE-2023-43091
|
2024-11-19 02:11 |
2024-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306867
|
7.7 |
HIGH
Network
|
-
|
-
|
A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods goin…
|
CWE-20
Improper Input Validation
|
CVE-2024-0793
|
2024-11-19 02:11 |
2024-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306868
|
5.5 |
MEDIUM
Network
|
-
|
-
|
A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.
|
-
|
CVE-2023-6110
|
2024-11-19 02:11 |
2024-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306869
|
7.4 |
HIGH
Network
|
-
|
-
|
A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltr…
|
CWE-444
HTTP Request Smuggling
|
CVE-2023-4639
|
2024-11-19 02:11 |
2024-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306870
|
5.9 |
MEDIUM
Network
|
-
|
-
|
A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters. This flaw allows an attacker to send a malicious request to inject …
|
CWE-233
Improper Handling of Parameters
|
CVE-2023-1419
|
2024-11-19 02:11 |
2024-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
