Embedded Web Servers In All Modicon M340, Premium, Quantum PLCs And BMXNOR0200 Security Vulnerabilities

CVE-2024-6045

Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator credentials obtained from analyzing the....

CVE-2024-6046

SECOM WRTR-304GN-304TW-UPSC V02(unsupported-when-assigned) does not properly filter user input in the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the...

CVE-2024-6045

Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator credentials obtained from analyzing the....

CVE-2024-6046

SECOM WRTR-304GN-304TW-UPSC V02(unsupported-when-assigned) does not properly filter user input in the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the...

CVE-2024-6046 SECOM WRTR-304GN-304TW-UPSC - OS Command Injection

SECOM WRTR-304GN-304TW-UPSC V02(unsupported-when-assigned) does not properly filter user input in the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the...

CVE-2024-5163

Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user password and account security...

CVE-2024-5163

Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user password and account security...

CVE-2024-6045 D-Link router - Hidden Backdoor

Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor. Unauthenticated attackers on the local area network can force the device to enable Telnet service by accessing a specific URL and can log in by using the administrator credentials obtained from analyzing the....

GHSA-X7M3-JPRG-WC5G vulnerabilities

Vulnerabilities for packages: kubeflow-volumes-web-app,...

CVE-2023-41419 vulnerabilities

Vulnerabilities for packages: kubeflow-volumes-web-app,...

CVE-2024-34069 vulnerabilities

Vulnerabilities for packages: kubeflow-volumes-web-app, kubeflow-jupyter-web-app, py3-werkzeug, superset,...

GHSA-2G68-C3QC-8985 vulnerabilities

Vulnerabilities for packages: kubeflow-volumes-web-app, kubeflow-jupyter-web-app, py3-werkzeug, superset,...

GHSA-84PR-M4JR-85G5 vulnerabilities

Vulnerabilities for packages: py3-flask-cors, kubeflow-volumes-web-app,...

CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5

CVE-2016-9179 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...

GHSA-H75V-3VVJ-5MFJ vulnerabilities

Vulnerabilities for packages: pytorch, kubeflow-jupyter-web-app, confluent-docker-utils, dask-gateway, py3-jinja2, reflex, superset,...

GHSA-JJG7-2V4V-X38H vulnerabilities

Vulnerabilities for packages: py3-idna, kubeflow-pipelines, kubeflow-jupyter-web-app, confluent-docker-utils, datadog-agent, kubeflow-katib, jwt-tool, py3-cassandra-medusa, k8s-sidecar, kubeflow-pipelines-visualization-server, ggshield, az, dask-gateway, py3.10-tensorflow-core,...

CVE-2024-3651 vulnerabilities

Vulnerabilities for packages: py3-idna, kubeflow-pipelines, kubeflow-jupyter-web-app, confluent-docker-utils, datadog-agent, kubeflow-katib, jwt-tool, py3-cassandra-medusa, k8s-sidecar, kubeflow-pipelines-visualization-server, ggshield, az, dask-gateway, py3.10-tensorflow-core,...

GHSA-G4MX-Q9VG-27P4 vulnerabilities

Vulnerabilities for packages: py3-tensorflow-serving-api, kubeflow-jupyter-web-app, jwt-tool, py3-urllib3,...

CVE-1999-0817 affecting package lynx 2.9.0~dev.9-5

CVE-1999-0817 affecting package lynx 2.9.0~dev.9-5. This CVE either no longer is or was never...

CVE-2024-34064 vulnerabilities

Vulnerabilities for packages: pytorch, kubeflow-jupyter-web-app, confluent-docker-utils, dask-gateway, py3-jinja2, reflex, superset,...

CVE-2023-45803 vulnerabilities

Vulnerabilities for packages: py3-tensorflow-serving-api, kubeflow-jupyter-web-app, jwt-tool, py3-urllib3,...

CVE-2024-1681 vulnerabilities

Vulnerabilities for packages: py3-flask-cors, kubeflow-volumes-web-app,...

GHSA-9WX4-H78V-VM56 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines, kubeflow-jupyter-web-app, confluent-docker-utils, datadog-agent, kubeflow-katib, jwt-tool, mlflow, k8s-sidecar, py3-cassandra-medusa, az, airflow, superset, py3.10-tensorflow-core,...

CVE-2013-7381 affecting package libnotify 0.7.9-4

CVE-2013-7381 affecting package libnotify 0.7.9-4. This CVE either no longer is or was never...

CVE-2010-4756 affecting package glibc 2.35-7

CVE-2010-4756 affecting package glibc 2.35-7. This CVE either no longer is or was never...

CVE-2010-4226 affecting package cpio 2.13-5

CVE-2010-4226 affecting package cpio 2.13-5. This CVE either no longer is or was never...

GHSA-V845-JXX5-VC9F vulnerabilities

Vulnerabilities for packages: kubeflow-jupyter-web-app, py3-urllib3, k8s-sidecar, dask-gateway, kube-downscaler,...

CVE-2023-43804 vulnerabilities

Vulnerabilities for packages: kubeflow-jupyter-web-app, py3-urllib3, k8s-sidecar, dask-gateway, kube-downscaler,...

CVE-2023-46136 vulnerabilities

Vulnerabilities for packages: py3-tensorflow-serving-api, kubeflow-jupyter-web-app, py3-werkzeug, airflow,...

CVE-2024-35195 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines, kubeflow-jupyter-web-app, confluent-docker-utils, datadog-agent, kubeflow-katib, jwt-tool, mlflow, k8s-sidecar, py3-cassandra-medusa, az, airflow, superset, py3.10-tensorflow-core,...

GHSA-HRFV-MQP8-Q5RW vulnerabilities

Vulnerabilities for packages: py3-tensorflow-serving-api, kubeflow-jupyter-web-app, py3-werkzeug, airflow,...

CVE-2023-39326 affecting package golang for versions less than 1.21.6-1

CVE-2023-39326 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...

CVE-2023-24536 affecting package golang for versions less than 1.21.6-1

CVE-2023-24536 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...

CVE-2023-45284 affecting package golang for versions less than 1.21.6-1

CVE-2023-45284 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...

CVE-2023-44487 affecting package golang for versions less than 1.21.6-1

CVE-2023-44487 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...

CVE-2016-8681 affecting package libdwarf for versions less than 0.9.0

CVE-2016-8681 affecting package libdwarf for versions less than 0.9.0. A patched version of the package is...

CVE-2020-8277 affecting package python-gevent for versions less than 21.1.2-3

CVE-2020-8277 affecting package python-gevent for versions less than 21.1.2-3. A patched version of the package is...

CVE-2023-48795 affecting package moby-engine for versions less than 20.10.27-1

CVE-2023-48795 affecting package moby-engine for versions less than 20.10.27-1. A patched version of the package is...

CVE-2023-7008 affecting package systemd for versions less than 123

CVE-2023-7008 affecting package systemd for versions less than 123. A patched version of the package is...

CVE-2023-48795 affecting package jsch for versions less than 0.1.55-2

CVE-2023-48795 affecting package jsch for versions less than 0.1.55-2. A patched version of the package is...

CVE-2023-5678 affecting package edk2 for versions less than 20230301gitf80f052277c8-38

CVE-2023-5678 affecting package edk2 for versions less than 20230301gitf80f052277c8-38. A patched version of the package is...

CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10

CVE-2023-44487 affecting package prometheus for versions less than 2.37.0-10. A patched version of the package is...

CVE-2023-44487 affecting package moby-cli for versions less than 20.10.25-2

CVE-2023-44487 affecting package moby-cli for versions less than 20.10.25-2. A patched version of the package is...

CVE-2023-44487 affecting package flannel for versions less than 0.14.0-18

CVE-2023-44487 affecting package flannel for versions less than 0.14.0-18. A patched version of the package is...

CVE-2023-25801 affecting package tensorflow for versions less than 2.11.1-1

CVE-2023-25801 affecting package tensorflow for versions less than 2.11.1-1. A patched version of the package is...

CVE-2023-25660 affecting package tensorflow for versions less than 2.11.1-1

CVE-2023-25660 affecting package tensorflow for versions less than 2.11.1-1. A patched version of the package is...

CVE-2023-25658 affecting package tensorflow for versions less than 2.11.1-1

CVE-2023-25658 affecting package tensorflow for versions less than 2.11.1-1. A patched version of the package is...

CVE-2023-3817 affecting package rust for versions less than 1.68.2-5

CVE-2023-3817 affecting package rust for versions less than 1.68.2-5. A patched version of the package is...

CVE-2023-29406 affecting package golang for versions less than 1.20.7-1

CVE-2023-29406 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2023-29403 affecting package golang for versions less than 1.20.7-1

CVE-2023-29403 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...