|
309671
|
9.8 |
CRITICAL
Network
|
zte
|
wrtm326_firmware
|
The wireless router WRTM326 from SECOM does not properly validate a specific parameter. An unauthenticated remote attacker could execute arbitrary system commands by sending crafted requests.
|
CWE-78
OS Command
|
CVE-2024-10119
|
2024-11-2 03:40 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309672
|
6.5 |
MEDIUM
Network
|
fabianros
|
blood_bank_management_system
|
A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank Management System 1.0. Affected by this issue is some unknown functionality of the file /file/delete.p…
|
CWE-352
Origin Validation Error
|
CVE-2024-10448
|
2024-11-2 03:26 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309673
|
4.3 |
MEDIUM
Network
|
infinite-scroll
|
infinite-scroll
|
The Infinite-Scroll plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.2. This is due to missing or incorrect nonce validation on the process_a…
|
CWE-352
Origin Validation Error
|
CVE-2024-10040
|
2024-11-2 03:26 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309674
|
6.5 |
MEDIUM
Network
|
cisco
|
secure_firewall_management_center
|
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an af…
|
CWE-89
SQL Injection
|
CVE-2024-20472
|
2024-11-2 03:22 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309675
|
6.5 |
MEDIUM
Network
|
cisco
|
secure_firewall_management_center
|
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an af…
|
CWE-89
SQL Injection
|
CVE-2024-20471
|
2024-11-2 03:16 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309676
|
6.5 |
MEDIUM
Network
|
cisco
|
anyconnect_secure_mobility_client
secure_client
|
A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secur…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2024-20474
|
2024-11-2 03:14 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309677
|
8.8 |
HIGH
Network
|
grafana
|
grafana
|
The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, le…
|
CWE-77
Command Injection
|
CVE-2024-9264
|
2024-11-2 03:14 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309678
|
6.5 |
MEDIUM
Network
|
cisco
|
secure_firewall_management_center
|
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an af…
|
CWE-89
SQL Injection
|
CVE-2024-20473
|
2024-11-2 03:09 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309679
|
9.9 |
CRITICAL
Network
|
cisco
|
secure_firewall_management_center
|
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote at…
|
CWE-78
OS Command
|
CVE-2024-20424
|
2024-11-2 03:07 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309680
|
7.8 |
HIGH
Local
|
vso-software
|
convertxtodvd
|
A vulnerability, which was classified as critical, was found in VSO ConvertXtoDvd 7.0.0.83. Affected is an unknown function in the library avcodec.dll of the file ConvertXtoDvd.exe. The manipulation …
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-10093
|
2024-11-2 03:07 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
