Riasztások
2024. okt. 3.
NA - CVE-2024-46658 - Syrotech SY-GOPON-8OLT-L3 v1.6.0_240629 was...
Syrotech SY-GOPON-8OLT-L3 v1.6.0_240629 was discovered to contain an authenticated command injection vulnerability.
2024. okt. 3.
NA - CVE-2024-41925 - The web service for ONS-S8 - Spectra...
The web service for ONS-S8 - Spectra Aggregation Switch includes functions which do not properly validate user input, allowing an attacker to traverse directories, bypass authentication, and...
2024. okt. 3.
NA - CVE-2024-42417 - Delta Electronics DIAEnergie is vulnerable to...
Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An authenticated attacker may be able to exploit this issue to cause delay in the targeted product.
2024. okt. 3.
NA - CVE-2024-43699 - Delta Electronics DIAEnergie is vulnerable to...
Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx. An unauthenticated attacker may be able to exploit this issue to obtain records contained in the...
2024. okt. 3.
NA - CVE-2024-45367 - The web server for ONS-S8 - Spectra Aggregation...
The web server for ONS-S8 - Spectra Aggregation Switch includes an incomplete authentication process, which can lead to an attacker authenticating without a password.
2024. okt. 2.
NA - CVE-2024-21530 - Versions of the package cocoon before 0.4.0 are...
Versions of the package cocoon before 0.4.0 are vulnerable to Reusing a Nonce, Key Pair in Encryption when the encrypt, wrap, and dump functions are sequentially called. An attacker can generate...
2024. okt. 2.
NA - CVE-2024-33662 - Portainer before 2.20.2 improperly uses an...
Portainer before 2.20.2 improperly uses an encryption algorithm in the AesEncrypt function.
2024. okt. 2.
NA - CVE-2024-45186 - FileSender before 2.49 allows server-side...
FileSender before 2.49 allows server-side template injection (SSTI) for retrieving credentials.