Latest CVE Feed
-
9.8
CVSS31CVE-2024-47575
A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet For... Read more
Affected Products :- Actively Exploited
- Published: Oct. 23, 2024
- Modified: Oct. 24, 2024
-
4.7
CVSS31CVE-2024-10301
A vulnerability, which was classified as critical, was found in PHPGurukul Medical Card Generation System 1.0. Affected is an unknown function of the file /admin/search-medicalcard.php of the component Search. The manipulation of the argument searchdata l... Read more
Affected Products :- Published: Oct. 23, 2024
- Modified: Oct. 23, 2024
-
4.7
CVSS31CVE-2024-10300
A vulnerability, which was classified as critical, has been found in PHPGurukul Medical Card Generation System 1.0. This issue affects some unknown processing of the file /admin/view-enquiry.php of the component View Enquiry Page. The manipulation of the ... Read more
Affected Products :- Published: Oct. 23, 2024
- Modified: Oct. 23, 2024
-
5.3
CVSS31CVE-2024-48644
Accounts enumeration vulnerability in the Login Component of Reolink Duo 2 WiFi Camera (Firmware Version v3.0.0.1889_23031701) allows remote attackers to determine valid user accounts via login attempts. This can lead to the enumeration of user accounts a... Read more
Affected Products :- Published: Oct. 22, 2024
- Modified: Oct. 23, 2024
-
9.8
CVSS31CVE-2024-46483
Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content.... Read more
Affected Products :- Published: Oct. 22, 2024
- Modified: Oct. 23, 2024
-
5.3
CVSS31CVE-2024-45526
An issue was discovered in OPC Foundation OPCFoundation/UA-.NETStandard through 1.5.374.78. A remote attacker can send requests with invalid credentials and cause the server performance to degrade gradually.... Read more
Affected Products :- Published: Oct. 22, 2024
- Modified: Oct. 23, 2024
-
7.5
CVSS31CVE-2024-48964
The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted Gradle project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directo... Read more
Affected Products :- Published: Oct. 23, 2024
- Modified: Oct. 23, 2024
-
7.5
CVSS31CVE-2024-48963
The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to the improper handling of the current working directory ... Read more
Affected Products :- Published: Oct. 23, 2024
- Modified: Oct. 23, 2024
-
4.7
CVSS31CVE-2024-10299
A vulnerability classified as critical was found in PHPGurukul Medical Card Generation System 1.0. This vulnerability affects unknown code of the file /admin/view-card-detail.php of the component Managecard View Detail Page. The manipulation of the argume... Read more
Affected Products :- Published: Oct. 23, 2024
- Modified: Oct. 23, 2024
-
4.7
CVSS31CVE-2024-10298
A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation System 1.0. This affects an unknown part of the file /admin/edit-card-detail.php of the component Managecard Edit Card Detail Page. The manipulation of the argumen... Read more
Affected Products :- Published: Oct. 23, 2024
- Modified: Oct. 23, 2024
-
8.2
CVSS31CVE-2024-46482
An arbitrary file upload vulnerability in the Ticket Generation function of Ladybird Web Solution Faveo-Helpdesk v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .html or .svg file.... Read more
Affected Products :- Published: Oct. 22, 2024
- Modified: Oct. 23, 2024
-
7.5
CVSS31CVE-2024-44331
Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c allows remote attackers to cause a denial of service via a series of specially crafted hexstream requests.... Read more
Affected Products :- Published: Oct. 22, 2024
- Modified: Oct. 23, 2024
-
7.5
CVSS31CVE-2024-42643
Integer Overflow in fast_ping.c in SmartDNS Release46 allows remote attackers to cause a Denial of Service via misaligned memory access.... Read more
Affected Products :- Published: Oct. 22, 2024
- Modified: Oct. 23, 2024
-
5.3
CVSS31CVE-2024-20526
A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for the SSH server of an affected device. This vulnerability is due to a ... Read more
Affected Products :- Published: Oct. 23, 2024
- Modified: Oct. 23, 2024
-
8.6
CVSS31CVE-2024-20495
A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in... Read more
Affected Products :- Published: Oct. 23, 2024
- Modified: Oct. 23, 2024
-
8.6
CVSS31CVE-2024-20494
A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulti... Read more
Affected Products :- Published: Oct. 23, 2024
- Modified: Oct. 23, 2024
-
5.3
CVSS31CVE-2024-20493
A vulnerability in the login authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to deny fu... Read more
Affected Products :- Published: Oct. 23, 2024
- Modified: Oct. 23, 2024
-
6.5
CVSS31CVE-2024-20482
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker to elevate privileges on an affected device. To e... Read more
Affected Products :- Published: Oct. 23, 2024
- Modified: Oct. 23, 2024
-
5.8
CVSS31CVE-2024-20481
A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN ... Read more
Affected Products :- Published: Oct. 23, 2024
- Modified: Oct. 23, 2024
-
4.3
CVSS31CVE-2024-20474
A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client. This vulnerability is due to an integer und... Read more
Affected Products :- Published: Oct. 23, 2024
- Modified: Oct. 23, 2024