Medium - CVE-2024-0892 - The Schema App Structured Data plugin for...
The Schema App Structured Data plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.0. This is due to missing or incorrect nonce validation on...
NA - CVE-2024-27155 - The Toshiba printers are vulnerable to a Local...
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any...
NA - CVE-2024-27156 - The session cookies, used for authentication,...
The session cookies, used for authentication, are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the...
NA - CVE-2024-27157 - The sessions are stored in clear-text logs. An...
The sessions are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the...
NA - CVE-2024-27159 - All the Toshiba printers contain a shell script...
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed...
NA - CVE-2024-27160 - All the Toshiba printers contain a shell script...
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed...
NA - CVE-2024-27161 - all the Toshiba printers have programs...
all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An attacker can decrypt the encrypted files using the hardcoded key. Insecure algorithm is used for the...
NA - CVE-2024-27162 - Toshiba printers provide a web interface that...
Toshiba printers provide a web interface that will load the JavaScript file. The file contains insecure codes vulnerable to XSS and is loaded inside all the webpages provided by the printer. An...
NA - CVE-2024-27163 - Toshiba printers will display the password of...
Toshiba printers will display the password of the admin user in clear-text and additional passwords when sending 2 specific HTTP requests to the internal API. An attacker stealing the cookie of an...