
5908 matches found

Talos
added 2024/10/30 12:0 a.m. | 28 views

LevelOne WBR-6012 Web Application improper resource allocation vulnerability

Talos Vulnerability Report TALOS-2024-1982 LevelOne WBR-6012 Web Application improper resource allocation vulnerability October 30, 2024 CVE Number CVE-2024-31152 SUMMARY The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation within its web application,...

7.5 CVSS | 5.4 AI score | 0.17156 EPSS
Exploits 1

Tenable Nessus
added 2024/10/27 12:0 a.m. | 5 views

Fortinet FortiWeb OS command injection due to unsafe input validation function (FG-IR-21-166)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-166 advisory. - An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiWeb version 6.4....

9 CVSS | 8.3 AI score | 0.03323 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2024/10/27 12:0 a.m. | 11 views

EulerOS Virtualization 2.12.1 : python-urllib3 (EulerOS-SA-2024-2761)

According to the versions of the python-urllib3 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the...

6.5 CVSS | 6.7 AI score | 0.01141 EPSS
Exploits 1 | References 2

Tenable Nessus
added 2024/10/26 12:0 a.m. | 12 views

Fortinet FortiWeb Confused deputy issue on SERVER_NAME causes open proxy flaw (FG-IR-21-123)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-123 advisory. - An unintended proxy or intermediary ('confused deputy') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows a...

6.5 CVSS | 6.5 AI score | 0.00807 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2024/10/26 12:0 a.m. | 10 views

Fortinet FortiWeb xss (FG-IR-21-139)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-139 advisory. - An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiWeb version 6.4.1 and...

6.1 CVSS | 6.6 AI score | 0.00823 EPSS
Exploits 0 | References 2

NVD
added 2024/10/25 7:15 a.m. | 21 views

CVE-2024-47549

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers. Accessing a crafted URL which points to an affected product may cause a malicious script to be executed on the web browser...

7.4 CVSS | 0.00338 EPSS
Exploits 0 | References 3

NVD
added 2024/10/25 7:15 a.m. | 21 views

CVE-2024-47801

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, resulting in a reflected cross-site scripting vulnerability. Accessing a crafted URL which points to an affected product may cause a malicious script to be executed on the web browser...

7.4 CVSS | 0.00338 EPSS
Exploits 0 | References 3

NVD
added 2024/10/25 7:15 a.m. | 18 views

CVE-2024-45829

Sharp and Toshiba Tec MFPs provide the web page to download data, where query parameters in HTTP requests are improperly processed, resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products to crash...

7.5 CVSS | 0.00685 EPSS
Exploits 0 | References 3

NVD
added 2024/10/25 7:15 a.m. | 23 views

CVE-2024-42420

Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests may cause affected products to crash...

7.5 CVSS | 0.00729 EPSS
Exploits 0 | References 3

NVD
added 2024/10/25 7:15 a.m. | 12 views

CVE-2024-43424

Sharp and Toshiba Tec MFPs improperly process HTTP request headers, resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products to crash...

7.5 CVSS | 0.00729 EPSS
Exploits 0 | References 3

CVE
added 2024/10/25 6:18 a.m. | 57 views

CVE-2024-47801

CVE-2024-47801 affects Sharp and Toshiba Tec MFPs. The vulnerability is a reflected cross-site scripting flaw caused by improper processing of query parameters in HTTP requests, enabling script execution in the user's browser when a crafted URL is opened. Technical details confirm the issue locat...

7.4 CVSS | 7.1 AI score | 0.00338 EPSS
Exploits 0 | References 3 | Affected Software 1

Vulnrichment
added 2024/10/25 6:18 a.m. | 13 views

CVE-2024-47549

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers. Accessing a crafted URL which points to an affected product may cause a malicious script to be executed on the web browser...

7.4 CVSS | 7 AI score | 0.00338 EPSS
Exploits 0 | References 3

CVE
added 2024/10/25 6:18 a.m. | 59 views

CVE-2024-45842

The CVE-2024-45842 issue affects Sharp and Toshiba Tec MFPs (multifunction printers). Root cause: improper processing of URI data in HTTP PUT requests, leading to a path traversal vulnerability. Impact: unintended internal files may be retrieved when processing crafted HTTP requests. Connected so...

5.3 CVSS | 5.4 AI score | 0.00541 EPSS
Exploits 0 | References 3 | Affected Software 1

CVE
added 2024/10/25 6:18 a.m. | 54 views

CVE-2024-45829

CVE-2024-45829 affects Sharp and Toshiba Tec MFPs. The issue is an Out-of-bounds Read in the web page used to download data, caused by improper processing of query parameters in HTTP requests. Crafting such requests can crash affected devices. Documents do not provide exploit details or fixed ver...

7.5 CVSS | 5.2 AI score | 0.00685 EPSS
Exploits 0 | References 3 | Affected Software 1

Vulnrichment
added 2024/10/25 6:18 a.m. | 15 views

CVE-2024-45829

Sharp and Toshiba Tec MFPs provide the web page to download data, where query parameters in HTTP requests are improperly processed, resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products to crash...

4.9 CVSS | 7.1 AI score | 0.00685 EPSS
Exploits 0 | References 3

Vulnrichment
added 2024/10/25 6:18 a.m. | 10 views

CVE-2024-43424

Sharp and Toshiba Tec MFPs improperly process HTTP request headers, resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products to crash...

7.5 CVSS | 7 AI score | 0.00729 EPSS
Exploits 0 | References 3

Cvelist
added 2024/10/25 6:18 a.m. | 24 views

CVE-2024-42420

Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests may cause affected products to crash...

7.5 CVSS | 0.00729 EPSS
Exploits 0 | References 3

CVE
added 2024/10/25 6:18 a.m. | 85 views

CVE-2024-42420

CVE-2024-42420 affects Sharp and Toshiba Tec MFPs. It involves multiple out-of-bounds read vulnerabilities (CWE-125) caused by improper processing of keyword search input and SOAP messages. Exploitation could be triggered by crafted HTTP requests, potentially crashing affected devices. Remediatio...

7.5 CVSS | 7.6 AI score | 0.00729 EPSS
Exploits 0 | References 3 | Affected Software 1

Vulnrichment
added 2024/10/25 6:18 a.m. | 14 views

CVE-2024-42420

Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests may cause affected products to crash...

7.5 CVSS | 7.2 AI score | 0.00729 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2024/10/25 12:0 a.m. | 207 views

Spring Framework < 5.3.41 / 6.0.x < 6.0.25 / 6.1.x < 6.1.14 Multiple Vulnerabilities

The remote host contains a Spring Framework version that is affected by a path traversal vulnerability. - Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obta...

7.5 CVSS | 6.5 AI score | 0.54862 EPSS
Exploits 9 | References 4