
16600 matches found

Cisco
added 2024/10/23 4:0 p.m., 24 views

Cisco Secure Firewall Management Center Software SQL Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to perform an SQL injection attack against an affected device. To exploit this vulnerability,...

CVSS 6.5 | AI score 6.5 | EPSS 0.00448
Exploits: 0 | References: 1

Cisco
added 2024/10/23 4:0 p.m., 14 views

Cisco Secure Firewall Management Center Software Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating...

CVSS 6.5 | AI score 6.8 | EPSS 0.00782
Exploits: 0 | References: 1

Cisco
added 2024/10/23 4:0 p.m., 14 views

Cisco Secure Firewall Management Center Software Cluster Backup Command Injection Vulnerability

A vulnerability in the cluster backup feature of Cisco Secure Firewall Management Center FMC Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. This vulnerability is due to...

CVSS 6.1 | AI score 6.6 | EPSS 0.00509
Exploits: 0 | References: 1

BDU FSTEC
added 2024/10/23 12:0 a.m., 5 views

The vulnerability of the application software interface of the Trend Micro Cloud Edge device for comprehensive network security management allows a perpetrator to execute arbitrary code.

The vulnerability of the application software interface of the Trend Micro Cloud Edge device for comprehensive network security management is related to the failure to take measures for data cleaning at the management level. Exploiting this vulnerability allows a malicious actor to execute...

CVSS 10 | AI score 8.4 | EPSS 0.0246
Exploits: 0 | References: 5 | Affected Software: 1

NVD
added 2024/10/21 9:15 p.m., 19 views

CVE-2024-40088

A Directory Traversal vulnerability in the Boa webserver of Vilo 5 Mesh WiFi System = 5.16.1.33 allows remote, unauthenticated attackers to enumerate the existence and length of any file in the filesystem by placing malicious payloads in the path of any HTTP request...

CVSS 5.3 | EPSS 0.00689
Exploits: 1 | References: 2

OSV
added 2024/10/21 2:15 a.m., 3 views

CVE-2024-43689

Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed...

CVSS 9.8 | AI score 6.2
Exploits: 0 | References: 2

NVD
added 2024/10/21 2:15 a.m., 22 views

CVE-2024-43689

Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed...

CVSS 9.8 | EPSS 0.00943
Exploits: 0 | References: 2

Vulnrichment
added 2024/10/21 1:27 a.m., 15 views

CVE-2024-43689

Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed...

CVSS 8.8 | AI score 9.5 | EPSS 0.00943
Exploits: 0 | References: 2

CVE
added 2024/10/21 1:27 a.m., 52 views

CVE-2024-43689

CVE-2024-43689 describes a stack-based buffer overflow in ELECOM wireless access points/routers triggered by processing a crafted HTTP request, potentially enabling arbitrary code execution. Affected products and versions (per connected sources): WRC-X3000GS2-B/W/GS2A-B before 1.09; WAB-I1750-PS ...

CVSS 9.8 | AI score 9.3 | EPSS 0.00943
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2024/10/21 1:27 a.m., 26 views

CVE-2024-43689

Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed...

CVSS 8.8 | EPSS 0.00943
Exploits: 0 | References: 2

OSV
added 2024/10/18 11:9 a.m., 5 views

OESA-2024-2259 rubygem-puma security update

A simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Security Fixes: Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When using Puma behind a proxy that does not properly validate that the incoming HTTP request...

CVSS 9.8 | AI score 6.8 | EPSS 0.0214
Exploits: 0 | References: 5

IBM Security Bulletins
added 2024/10/17 12:20 a.m., 104 views

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-26049 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker ...

CVSS 10 | AI score 9.7 | EPSS 0.99999
Exploits: 65 | Affected Software: 1

IBM Security Bulletins
added 2024/10/16 10:43 p.m., 84 views

Security Bulletin: Multiple Vulnerabilities in CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.4.0 Vulnerability Details CVEID:CVE-2023-6481 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to a denial of service, caused by a serialization flaw in the logback receiver component. By sending a specially crafte...

CVSS 8 | AI score 10 | EPSS 0.07087
Exploits: 4 | Affected Software: 1

NVD
added 2024/10/15 1:15 p.m., 18 views

CVE-2024-48280

A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL command via the fromdate parameter in a POST HTTP request...

CVSS 7.6 | EPSS 0.0045
Exploits: 1 | References: 1

NVD
added 2024/10/15 1:15 p.m., 25 views

CVE-2024-48282

A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the femail parameter in a POST HTTP request...

CVSS 7.6 | EPSS 0.00411
Exploits: 1 | References: 1

Veracode
added 2024/10/15 7:39 a.m., 10 views

HTTP Smuggling

org.jboss.resteasy, resteasy-netty4-cdi is vulnerable to HTTP Smuggling. The vulnerability is due to improper handling of HTTP requests by the resteasy-netty4 library, specifically when the Netty HttpObjectDecoder fails to process HTTP smuggling requests with ASCII control characters, causing it ...

CVSS 5.3 | AI score 6.6 | EPSS 0.00653
Exploits: 0 | References: 6 | Affected Software: 1

Cvelist
added 2024/10/15 12:0 a.m., 20 views

CVE-2024-48282

A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the femail parameter in a POST HTTP request...

EPSS 0.00411
Exploits: 1 | References: 1

Vulnrichment
added 2024/10/15 12:0 a.m., 11 views

CVE-2024-48279

A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary HTML code via the searchkey parameter in a POST HTTP request...

AI score 7.9 | EPSS 0.0056
Exploits: 1 | References: 1

CVE
added 2024/10/15 12:0 a.m., 63 views

CVE-2024-48279

PHPGurukul User Registration & Login and User Management System 3.2 has a HTML Injection vulnerability in /search-result.php. The searchkey parameter (POST) allows remote attackers to inject/execute arbitrary HTML. Root cause is not detailed beyond this; CVSS v3.1 vector indicates high impact wit...

CVSS 7.6 | AI score 8.1 | EPSS 0.0056
Exploits: 1 | References: 1 | Affected Software: 1

NVD
added 2024/10/11 7:15 p.m., 14 views

CVE-2024-8912

An HTTP Request Smuggling vulnerability in Looker allowed an unauthorized attacker to capture HTTP responses destined for legitimate users. There are two Looker versions that are hosted by Looker: Looker Google Cloud core was found to be vulnerable. This issue has already been mitigated and our...

CVSS 8.9 | EPSS 0.00189
Exploits: 0 | References: 1