Medium Security Vulnerabilities

cve

CVE-2024-21872

The device allows an unauthenticated attacker to bypass authentication and modify the cookie to reveal hidden pages that allow more critical operations to the...

CVSS: 7.5 | AI Score: 7.7 | EPSS: 0.0004

2024-04-18 11:15 PM
28
cve

CVE-2024-22186

The application suffers from a privilege escalation vulnerability. An attacker logged in as guest can escalate his privileges by poisoning the cookie to become...

CVSS: 8.8 | AI Score: 7.8 | EPSS: 0.0004

2024-04-18 11:15 PM
29
cve

CVE-2024-3742

Electrolink transmitters store credentials in clear-text. Use of these credentials could allow an attacker to access the...

CVSS: 7.5 | AI Score: 7.4 | EPSS: 0.0004

2024-04-18 11:15 PM
26
cve

CVE-2024-1491

The devices allow access to an unprotected endpoint that allows MPFS file system binary image upload without authentication. The MPFS2 file system module provides a light-weight read-only file system that can be stored in external EEPROM, external serial flash, or internal flash program...

CVSS: 7.5 | AI Score: 8 | EPSS: 0.0004

2024-04-18 11:15 PM
29
cve

CVE-2024-21846

An unauthenticated attacker can reset the board and stop transmitter operations by sending a specially-crafted GET request to the command.cgi gateway, resulting in a denial-of-service...

CVSS: 5.3 | AI Score: 7.5 | EPSS: 0.0004

2024-04-18 11:15 PM
27
cve

CVE-2024-3741

Electrolink transmitters are vulnerable to an authentication bypass vulnerability affecting the login cookie. An attacker can set the login cookie to an arbitrary value except 'NO' and have full system ...

CVSS: 7.5 | AI Score: 7.4 | EPSS: 0.0004

2024-04-18 10:15 PM
26
cve

CVE-2024-22179

The application is vulnerable to an unauthenticated parameter manipulation that allows an attacker to set the credentials to blank, giving her access to the admin panel. Also vulnerable to account takeover and arbitrary password...

CVSS: 7.5 | AI Score: 7.4 | EPSS: 0.0004

2024-04-18 10:15 PM
28
cve

CVE-2024-23816

A vulnerability has been identified in Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0) (All versions < V4.3), Location Intelligence Perpetual Medium (9DE5110-8CA12-1AX0) (All versions < V4.3), Location Intelligence Perpetual Non-Prod (9DE5110-8CA10-1AX0) (All versions < V4.3), L...

CVSS: 9.8 | AI Score: 7.8 | EPSS: 0.001

2024-02-13 09:15 AM
16
cve

CVE-2021-28580

Medium by Adobe version 2.4.5.331 (and earlier) is affected by a buffer overflow vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this issue requires user...

CVSS: 7.8 | AI Score: 7.9 | EPSS: 0.003

2021-09-08 02:15 PM
25