Riasztások
2024. Szep. 27.
NA - CVE-2024-46453 - A cross-site scripting (XSS) vulnerability in...
A cross-site scripting (XSS) vulnerability in the component /test/ of iq3xcite v2.31 to v3.05 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
2024. Szep. 27.
NA - CVE-2024-47186 - Filament is a collection of full-stack...
Filament is a collection of full-stack components for Laravel development. Versions of Filament from v3.0.0 through v3.2.114 are affected by a cross-site scripting (XSS) vulnerability. If values...
2024. Szep. 27.
NA - CVE-2024-9291 - A vulnerability classified as problematic has...
A vulnerability classified as problematic has been found in kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff. Affected is an unknown function of the file...
2024. Szep. 27.
NA - CVE-2024-9293 - A vulnerability classified as critical was...
A vulnerability classified as critical was found in skyselang yylAdmin up to 3.0. Affected by this vulnerability is the function list of the file /app/admin/controller/file/File.php of the...
2024. Szep. 27.
NA - CVE-2024-23586 - HCL Nomad is susceptible to an insufficient...
HCL Nomad is susceptible to an insufficient session expiration vulnerability. Under certain circumstances, an unauthenticated attacker could obtain old session information.
2024. Szep. 27.
NA - CVE-2024-38796 - EDK2 contains a vulnerability in the...
EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may...
2024. Szep. 27.
NA - CVE-2024-9294 - A vulnerability, which was classified as...
A vulnerability, which was classified as critical, has been found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c. Affected by this issue is some unknown functionality of the file...
2024. Szep. 26.
Cisco IOS XE Software for Wireless Controllers CWA Pre-Authentication ACL Bypass Vulnerability
A vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for Wireless Controllers could allow an unauthenticated, adjacent attacker to bypass the pre-authentication access control list (ACL), which could allow...
2024. Szep. 26.
Cisco Unified Threat Defense Snort Intrusion Prevention System Engine for Cisco IOS XE Software Security Policy Bypass and Denial of Service Vulnerability
A vulnerability in Cisco Unified Threat Defense (UTD) Snort Intrusion Prevention System (IPS) Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured security policies or cause a denial of service (DoS...
2024. Szep. 26.
Cisco IOS and IOS XE Software Resource Reservation Protocol Denial of Service Vulnerability
A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of...