Lucene search
+L

68 matches found

OSV
OSV
added 2024/10/04 8:15 p.m.4 views

CVE-2024-43687

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip TimeProvider 4100 banner config modules allows Cross-Site Scripting XSS.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...

6.1CVSS5.8AI score0.00786EPSS
Exploits3References2
NVD
NVD
added 2024/10/04 8:15 p.m.40 views

CVE-2024-43687

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip TimeProvider 4100 banner config modules allows Cross-Site Scripting XSS.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...

7.7CVSS0.00786EPSS
Exploits3References2
OSV
OSV
added 2024/10/04 8:15 p.m.5 views

CVE-2024-7801

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Microchip TimeProvider 4100 Data plot modules allows SQL Injection.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...

6.5CVSS5.8AI score0.00843EPSS
Exploits2References2
OSV
OSV
added 2024/10/04 8:15 p.m.4 views

CVE-2024-9054

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection', Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Microchip TimeProvider 4100 Configuration modules allows Command Injection.This issue affects TimeProvider 4100: from 1.0 before...

8.8CVSS5.8AI score0.1501EPSS
Exploits3References2
NVD
NVD
added 2024/10/04 8:15 p.m.29 views

CVE-2024-43683

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Microchip TimeProvider 4100 allows XSS Through HTTP Headers.This issue affects TimeProvider 4100: from 1.0...

8.7CVSS0.00211EPSS
Exploits0References2
OSV
OSV
added 2024/10/04 8:15 p.m.4 views

CVE-2024-43686

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip TimeProvider 4100 data plot modules allows Reflected XSS.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...

6.1CVSS5.8AI score0.11528EPSS
Exploits0References2
NVD
NVD
added 2024/10/04 8:15 p.m.30 views

CVE-2024-43684

Cross-Site Request Forgery CSRF vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting XSS.This issue affects TimeProvider 4100: from 1.0...

8.8CVSS0.00194EPSS
Exploits0References2
OSV
OSV
added 2024/10/04 8:15 p.m.4 views

CVE-2024-43684

Cross-Site Request Forgery CSRF vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting XSS.This issue affects TimeProvider 4100: from 1.0...

8.8CVSS5.8AI score0.00194EPSS
Exploits0References2
OSV
OSV
added 2024/10/04 8:15 p.m.7 views

CVE-2024-43685

Improper Authentication vulnerability in Microchip TimeProvider 4100 login modules allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...

9.8CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2024/10/04 8:15 p.m.19 views

CVE-2024-43686

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip TimeProvider 4100 data plot modules allows Reflected XSS.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...

6.1CVSS0.11528EPSS
Exploits0References2
NVD
NVD
added 2024/10/04 8:15 p.m.21 views

CVE-2024-43685

Improper Authentication vulnerability in Microchip TimeProvider 4100 login modules allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...

9.8CVSS0.0044EPSS
Exploits0References2
OSV
OSV
added 2024/10/04 8:15 p.m.4 views

CVE-2024-43683

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Microchip TimeProvider 4100 allows XSS Through HTTP Headers.This issue affects TimeProvider 4100: from 1.0...

6.1CVSS5.8AI score0.00211EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/04 7:56 p.m.12 views

CVE-2024-43683 Improper verification of the Host header in TimeProvider 4100

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Microchip TimeProvider 4100 allows XSS Through HTTP Headers.This issue affects TimeProvider 4100: from 1.0...

8.7CVSS6.1AI score0.00211EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/04 7:56 p.m.29 views

CVE-2024-43683 Improper verification of the Host header in TimeProvider 4100

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Microchip TimeProvider 4100 allows XSS Through HTTP Headers.This issue affects TimeProvider 4100: from 1.0...

8.7CVSS0.00211EPSS
Exploits0References2
CVE
CVE
added 2024/10/04 7:56 p.m.58 views

CVE-2024-43683

CVE-2024-43683 affects Microchip TimeProvider 4100 (from v1.0). The issue is an improper verification of the Host header leading to a URL Redirection to an untrusted site, enabling cross-site scripting via HTTP headers (open redirect). Public documents indicate affected versions start at 1.0, but...

8.7CVSS6AI score0.00211EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/04 7:51 p.m.13 views

CVE-2024-43684 Cross-Site Request Forgery vulnerability in TimeProvider 4100

Cross-Site Request Forgery CSRF vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting XSS.This issue affects TimeProvider 4100: from 1.0...

8.7CVSS6.6AI score0.00194EPSS
Exploits0References2
CVE
CVE
added 2024/10/04 7:51 p.m.61 views

CVE-2024-43684

Microchip TimeProvider 4100 is affected by a CSRF vulnerability (also enabling XSS). Affected: TimeProvider 4100, versions 1.0 and later. Root cause: CSRF/XSS issues on the device allow unauthorized actions. Impact: high in both confidentiality and integrity; availability also at risk per CVSS da...

8.8CVSS8.2AI score0.00194EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/10/04 7:51 p.m.25 views

CVE-2024-43684 Cross-Site Request Forgery vulnerability in TimeProvider 4100

Cross-Site Request Forgery CSRF vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting XSS.This issue affects TimeProvider 4100: from 1.0...

8.7CVSS0.00194EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/04 7:48 p.m.14 views

CVE-2024-43685 Session token fixation in TimeProvider 4100

Improper Authentication vulnerability in Microchip TimeProvider 4100 login modules allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...

8.7CVSS7AI score0.0044EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/04 7:48 p.m.28 views

CVE-2024-43685 Session token fixation in TimeProvider 4100

Improper Authentication vulnerability in Microchip TimeProvider 4100 login modules allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...

8.7CVSS0.0044EPSS
Exploits0References2
Rows per page
Query Builder