|
314751
|
5.5 |
MEDIUM
Local
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware could allow an authenticated, local attacker with low privileges to view …
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-20462
|
2024-10-31 23:35 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314752
|
8.8 |
HIGH
Network
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with low privileges to run commands as an…
|
NVD-CWE-Other
|
CVE-2024-20420
|
2024-10-31 23:35 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314753
|
6.1 |
MEDIUM
Network
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to conduct a reflected cross-site scrip…
|
NVD-CWE-Other
|
CVE-2024-20460
|
2024-10-31 23:35 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314754
|
6.5 |
MEDIUM
Network
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery…
|
CWE-352
Origin Validation Error
|
CVE-2024-20421
|
2024-10-31 23:35 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314755
|
- |
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device.
…
|
-
|
CVE-2024-20466
|
2024-10-31 23:35 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314756
|
- |
|
-
|
-
|
Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment (TEE) may allow a privileged attacker with access to AMD signing
keys to c006Frrupt the return address, caus…
|
-
|
CVE-2021-46746
|
2024-10-31 23:35 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314757
|
5.3 |
MEDIUM
Network
|
mozilla
|
thunderbird
firefox
|
The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, an…
|
NVD-CWE-noinfo
|
CVE-2024-10460
|
2024-10-31 23:32 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314758
|
6.5 |
MEDIUM
Network
|
openc3
|
cosmos
|
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. A path traversal vulnerability inside of LocalMode's open_local_file method all…
|
CWE-22
Path Traversal
|
CVE-2024-46977
|
2024-10-31 23:15 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314759
|
6.1 |
MEDIUM
Network
|
openc3
|
cosmos
|
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. The login functionality contains a reflected cross-site scripting (XSS) vulnera…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43795
|
2024-10-31 23:15 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314760
|
7.5 |
HIGH
Network
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access a user's Photos Library.
|
NVD-CWE-noinfo
|
CVE-2024-44203
|
2024-10-31 23:08 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
