9454 matches found
Schweitzer Engineering Laboratories SEL 700 series relays
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.9 ATTENTION : Exploitable remotely/low attack complexity Vendor : Schweitzer Engineering Laboratories Equipment : SEL 700 series relays Vulnerability : Inclusion of Undocumented Features 2. RISK EVALUATION Successful exploitation of this vulnerability...
PT-2024-25148 · Sourcecodester · Sourcecodester Elearning System
Name of the Vulnerable Software and Affected Versions: SourceCodester eLearning System version 1.0 Description: A vulnerability has been found in the Maintenance Module of the SourceCodester eLearning System. The manipulation of the Subject Code/Description argument leads to cross-site scripting...
enersys.ru Cross Site Scripting vulnerability OBB-3897221
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2024-24659 · Unknown · Sourcecodester Internship Portal Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Internship Portal Management System version 1.0 Description: A critical issue has been found in the SourceCodester Internship Portal Management System, affecting the processing of the file admin/edit admin.php. The manipulation...
IOSIX IO-1020 Micro ELD
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION : Exploitable from adjacent network/Low attack complexity Vendor : IOSiX Equipment : IO-1020 Micro ELD Vulnerabilities : Use of Default Credentials, Download of Code Without Integrity Check 2. RISK EVALUATION Successful exploitation of these...
CVE-2024-3039
Affected software: Shanghai Brad Technology BladeX 3.4.0. Vulnerable component: API endpoint /api/blade-user/export-user. Root cause: SQL injection via input manipulation using updatexml(1,concat(0x3f,md5(123456),0x3f),1)=1). Impact: potential remote exploitation allowing unauthorized access or d...
Oracle Linux 8 : thunderbird (ELSA-2024-1494)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-1494 advisory. 115.9.0-1.0.1 - Add Oracle prefs 115.9.0-1 - Update to 115.9.0 build1 - Fix expat CVE-2023-52425 Tenable has extracted the preceding description block...
CVE-2024-2903
CVE-2024-2903 affects Tenda AC7 firmware version 15.03.06.44. A stack-based buffer overflow is triggered in the GetParentControlInfo function located at /goform/GetParentControlInfo via manipulation of the mac argument. The vulnerability permits remote code execution or crash, with a publicly dis...
AutomationDirect C-MORE EA9 HMI
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : AutomationDirect Equipment : C-MORE EA9 HMI Vulnerabilities : Path Traversal, Stack-Based Buffer Overflow, Plaintext Storage of a Password 2. RISK EVALUATION Successful exploitation of these...
Mozilla: Crash in NSS TLS method
The Mozilla Foundation Security Advisory describes this flaw as: An unchecked return value in TLS handshake code could have caused a potentially exploitable crash...
Mozilla: Crash in NSS TLS method
The Mozilla Foundation Security Advisory describes this flaw as: An unchecked return value in TLS handshake code could have caused a potentially exploitable crash...
Mozilla: Crash in NSS TLS method
The Mozilla Foundation Security Advisory describes this flaw as: An unchecked return value in TLS handshake code could have caused a potentially exploitable crash...
Mozilla: Crash in NSS TLS method
The Mozilla Foundation Security Advisory describes this flaw as: An unchecked return value in TLS handshake code could have caused a potentially exploitable crash...
Mozilla: Crash in NSS TLS method
The Mozilla Foundation Security Advisory describes this flaw as: An unchecked return value in TLS handshake code could have caused a potentially exploitable crash...
Mozilla: Crash in NSS TLS method
The Mozilla Foundation Security Advisory describes this flaw as: An unchecked return value in TLS handshake code could have caused a potentially exploitable crash...
Mozilla: Crash in NSS TLS method
The Mozilla Foundation Security Advisory describes this flaw as: An unchecked return value in TLS handshake code could have caused a potentially exploitable crash...
Mozilla: Crash in NSS TLS method
The Mozilla Foundation Security Advisory describes this flaw as: An unchecked return value in TLS handshake code could have caused a potentially exploitable crash...
Mozilla: Crash in NSS TLS method
The Mozilla Foundation Security Advisory describes this flaw as: An unchecked return value in TLS handshake code could have caused a potentially exploitable crash...
RHEL 8 : firefox (RHSA-2024:1491)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1491 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
RHEL 8 : firefox (RHSA-2024:1490)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1490 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...