Lucene search
K

3858 matches found

CVE
CVE
added 2024/06/20 1:53 a.m.50 views

CVE-2024-6179

LG SuperSign CMS is affected by a Reflected XSS due to improper input neutralization during web page generation. Affected versions are 4.1.3 up to 4.3.0 (before 4.3.1). Root cause: insufficient input neutralization in the page generation flow. Remediation: upgrade to 4.3.1 or later as indicated b...

6.1CVSS6.3AI score0.00253EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/20 1:53 a.m.16 views

CVE-2024-6179 XSS vulnerability in LG SuperSign CMS

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before 4.3.1...

4.8CVSS6.9AI score0.00253EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/20 1:51 a.m.53 views

CVE-2024-6178 XSS vulnerability in LG SuperSign CMS

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before 4.3.1...

4.8CVSS0.00253EPSS
Exploits0References1
CVE
CVE
added 2024/06/20 1:51 a.m.53 views

CVE-2024-6178

CVE-2024-6178 describes a cross-site scripting vulnerability inLG Electronics’ SuperSign CMS. The issue arises from improper input neutralization during web page generation and enables reflected XSS . Affected versions are SuperSign CMS 4.1.3 through 4.3.0 (i.e., before 4.3.1). The connected sour...

6.1CVSS6.3AI score0.00253EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/20 12:52 a.m.20 views

CVE-2024-6177 XSS vulnerability in LG SuperSign CMS

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before 4.3.1...

4.8CVSS6.9AI score0.00253EPSS
Exploits0References1
CVE
CVE
added 2024/06/20 12:52 a.m.54 views

CVE-2024-6177

CVE-2024-6177 affects LG Electronics SuperSign CMS. A Reflected XSS vulnerability arises from improper input neutralization during web page generation, impacting versions 4.1.3 up to, but not including, 4.3.1. Exploitation leads to client-side script execution with low impact to confidentiality a...

6.1CVSS6.3AI score0.00253EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/20 12:44 a.m.15 views

CVE-2024-6176 Port scanning vulnerability in LG SuperSign CMS

Allocation of Resources Without Limits or Throttling vulnerability in LG Electronics LG SuperSign CMS allows Port Scanning.This issue affects LG SuperSign CMS: from 4.1.3 before 4.3.1...

4.8CVSS6.9AI score0.00228EPSS
Exploits0References1
CVE
CVE
added 2024/06/20 12:44 a.m.38 views

CVE-2024-6176

CVE-2024-6176 concerns LG Electronics LG SuperSign CMS, affecting versions from 4.1.3 up to but not including 4.3.1. The issue stems from allocation of resources without limits or throttling, enabling port scanning against vulnerable deployments. Connected sources confirm the affected product and...

4.8CVSS6.5AI score0.00228EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/20 12:44 a.m.21 views

CVE-2024-6176 Port scanning vulnerability in LG SuperSign CMS

Allocation of Resources Without Limits or Throttling vulnerability in LG Electronics LG SuperSign CMS allows Port Scanning.This issue affects LG SuperSign CMS: from 4.1.3 before 4.3.1...

4.8CVSS0.00228EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/06/18 12:0 a.m.4 views

Actiontec Electronics WEB6000Q Security Vulnerability

Actiontec Electronics WEB6000Q is a wireless extender from Actiontec Electronics, Inc. A security vulnerability exists in the Actiontec Electronics WEB6000Q that stems from a lack of proper validation of the length of user-supplied data before it is copied into a fixed-length buffer. An attacker...

8.8CVSS7.2AI score0.01119EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/14 9:31 p.m.20 views

CVE-2024-6003 Guangdong Baolun Electronics IP Network Broadcasting Service Platform maps sql injection

A vulnerability was found in Guangdong Baolun Electronics IP Network Broadcasting Service Platform 2.0. It has been classified as critical. Affected is an unknown function of the file /api/v2/maps. The manipulation of the argument orderColumn leads to sql injection. It is possible to launch the...

7.5CVSS7.5AI score0.00526EPSS
Exploits0References4
CVE
CVE
added 2024/06/14 9:31 p.m.80 views

CVE-2024-6003

CVE-2024-6003 affects Guangdong Baolun Electronics IP Network Broadcasting Service Platform 2.0. The vulnerability is in an unknown function of the file /api/v2/maps, caused by manipulation of the argument orderColumn that leads to SQL injection . It can be exploited remotely, and the exploit has...

7.5CVSS7.5AI score0.00526EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/06/14 12:0 a.m.5 views

Guangdong Baolun Electronics IP Network Broadcasting Service Platform SQL Injection Vulnerability

Guangdong Baolun Electronics IP Network Broadcasting Service Platform is an electronic IP network broadcasting service platform of Guangdong Baolun Electronics, China. A SQL injection vulnerability exists in the Guangdong Baolun Electronics IP Network Broadcasting Service Platform version 2.0,...

7.5CVSS8AI score0.00526EPSS
Exploits0References5
OSV
OSV
added 2024/06/13 8:15 p.m.2 views

CVE-2024-5951

Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this...

6.5CVSS5.8AI score0.00778EPSS
Exploits0References1
NVD
NVD
added 2024/06/13 8:15 p.m.18 views

CVE-2024-5951

Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this...

7.1CVSS0.00778EPSS
Exploits0References1
NVD
NVD
added 2024/06/13 8:15 p.m.27 views

CVE-2024-5952

Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability...

6.5CVSS0.00603EPSS
Exploits0References1
OSV
OSV
added 2024/06/13 8:15 p.m.1 views

CVE-2024-5947

Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...

6.5CVSS5.7AI score0.02418EPSS
Exploits3References1
NVD
NVD
added 2024/06/13 8:15 p.m.19 views

CVE-2024-5948

Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploi...

8.8CVSS0.01108EPSS
Exploits0References1
OSV
OSV
added 2024/06/13 8:15 p.m.4 views

CVE-2024-5949

Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit th...

6.5CVSS5.8AI score0.0058EPSS
Exploits0References1
NVD
NVD
added 2024/06/13 8:15 p.m.23 views

CVE-2024-5949

Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit th...

6.5CVSS0.0058EPSS
Exploits0References1
Rows per page
Query Builder