Riasztások
16 Dec 2024
NA - CVE-2024-29671 - Buffer Overflow vulnerability in NEXTU FLATA...
Buffer Overflow vulnerability in NEXTU FLATA AX1500 Router v.1.0.2 allows a remote attacker to execute arbitrary code via the POST request handler component.
16 Dec 2024
NA - CVE-2024-37773 - An HTML injection vulnerability in Sunbird DCIM...
An HTML injection vulnerability in Sunbird DCIM dcTrack 9.1.2 allows attackers authenticated as administrators to inject arbitrary HTML code in an admin screen.
16 Dec 2024
NA - CVE-2024-37774 - A Cross-Site Request Forgery (CSRF) in Sunbird...
A Cross-Site Request Forgery (CSRF) in Sunbird DCIM dcTrack v9.1.2 allows authenticated attackers to escalate their privileges by forcing an Administrator user to perform sensitive requests in some...
16 Dec 2024
NA - CVE-2024-37775 - Incorrect access control in Sunbird DCIM...
Incorrect access control in Sunbird DCIM dcTrack v9.1.2 allows attackers to create or update a ticket with a location which bypasses an RBAC check.
16 Dec 2024
NA - CVE-2024-37776 - A cross-site scripting (XSS) vulnerability in...
A cross-site scripting (XSS) vulnerability in Sunbird DCIM dcTrack v9.1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in some admin screens.
16 Dec 2024
NA - CVE-2024-52949 - iptraf-ng 1.2.1 has a stack-based buffer overflow.
iptraf-ng 1.2.1 has a stack-based buffer overflow.
16 Dec 2024
NA - CVE-2024-55554 - Intrexx Portal Server before 12.0.2 allows XSS...
Intrexx Portal Server before 12.0.2 allows XSS via a user-defined portlet.
16 Dec 2024
NA - CVE-2024-10972 - Velocidex WinPmem versions 4.1 and below suffer...
Velocidex WinPmem versions 4.1 and below suffer from an Improper Input Validation vulnerability whereby an attacker with admin access can trigger a BSOD with a parallel thread changing the memory’s...
16 Dec 2024
NA - CVE-2024-12089 - A stored Cross-site Scripting (XSS)...
A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to...
16 Dec 2024
NA - CVE-2024-12090 - A stored Cross-site Scripting (XSS)...
A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's...