|
313511
|
- |
|
-
|
-
|
The H2-DM1E PLC's authentication protocol appears to utilize either a custom encoding scheme or a challenge-response protocol. However, there's an observed anomaly in the H2-DM1E PLC's protocol execu…
|
CWE-384
Session Fixation
|
CVE-2024-45368
|
2024-09-14 20:47 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313512
|
- |
|
-
|
-
|
The session hijacking attack targets the application layer's control mechanism, which manages authenticated sessions between a host PC and a PLC. During such sessions, a session key is utilized to ma…
|
-
|
CVE-2024-43099
|
2024-09-14 20:47 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313513
|
7.5 |
HIGH
Network
|
fastadmin
|
fastadmin
|
A vulnerability, which was classified as problematic, has been found in FastAdmin up to 1.3.3.20220121. Affected by this issue is some unknown functionality of the file /index/ajax/lang. The manipula…
|
CWE-22
Path Traversal
|
CVE-2024-7928
|
2024-09-14 06:33 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313514
|
9.8 |
CRITICAL
Network
|
eyecix
|
jobsearch_wp_job_board
|
Deserialization of Untrusted Data vulnerability in eyecix JobSearch allows Object Injection.This issue affects JobSearch: from n/a through 2.5.3.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-43931
|
2024-09-14 06:22 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313515
|
5.4 |
MEDIUM
Network
|
qnap
|
notes_station_3
|
A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We hav…
|
CWE-79
Cross-site Scripting
|
CVE-2024-27122
|
2024-09-14 06:16 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313516
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
|
-
|
CVE-2024-40430
|
2024-09-14 06:15 |
2024-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313517
|
8.8 |
HIGH
Network
|
qnap
|
qts
quts_hero
|
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network.
QuTSclou…
|
CWE-78
OS Command
|
CVE-2023-34974
|
2024-09-14 06:14 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313518
|
6.2 |
MEDIUM
Local
|
huawei
|
emui
harmonyos
|
Vulnerability of uncaught exceptions in the Graphics module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
NVD-CWE-noinfo
|
CVE-2024-42037
|
2024-09-14 06:13 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313519
|
6.1 |
MEDIUM
Network
|
qnap
|
qulog_center
|
A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow users to inject malicious code via a network.
We have already fixed t…
|
CWE-79
Cross-site Scripting
|
CVE-2024-32762
|
2024-09-14 06:10 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313520
|
7.5 |
HIGH
Network
|
huawei
|
harmonyos
emui
|
Access permission verification vulnerability in the Notepad module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
NVD-CWE-noinfo
|
CVE-2024-42036
|
2024-09-14 06:09 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
