Latest CVE Feed
- CVE-2024-41723 (5.3 MEDIUM)
  Undisclosed requests to BIG-IP iControl REST can lead to information leak of user account names. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated....
  Affected Products: big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_fraud_protection_service big-ip_global_traffic_manager big-ip_link_controller big-ip_local_traffic_manager +11 more products
  Published: Aug. 14, 2024
  Modified: Aug. 20, 2024
- CVE-2024-41727 (8.7 HIGH)
  In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs) using Intel E810 SR-IOV NIC, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Techn...
  Affected Products: big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_fraud_protection_service big-ip_global_traffic_manager big-ip_link_controller big-ip_local_traffic_manager +13 more products
  Published: Aug. 14, 2024
  Modified: Aug. 20, 2024
- CVE-2024-7866 (5.5 MEDIUM)
  In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow....
  Affected Products: xpdf
  Published: Aug. 15, 2024
  Modified: Aug. 20, 2024
- CVE-2024-7838 (9.8 CRITICAL)
  A vulnerability was found in itsourcecode Online Food Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /addcategory.php. The manipulation of the argument cname leads to sql injection. The...
  Affected Products: online_food_ordering_system
  Published: Aug. 15, 2024
  Modified: Aug. 20, 2024
- CVE-2024-27120 (7.7 HIGH)
  A Local File Inclusion vulnerability has been found in ComfortKey, a product of Celsius Benelux. Using this vulnerability, an unauthenticated attacker may retrieve sensitive information about the underlying system. The vulnerability has been remediated in...
  Affected Products: comfortkey
  Published: Aug. 14, 2024
  Modified: Aug. 20, 2024
- CVE-2024-7792 (8.8 HIGH)
  A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been classified as critical. Affected is an unknown function of the file /endpoint/delete-task.php. The manipulation of the argument task leads to sql injection. It is possible ...
  Affected Products: task_progress_tracker
  Published: Aug. 14, 2024
  Modified: Aug. 20, 2024
- CVE-2024-33872 (9.8 CRITICAL)
  Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in code execution and escalation of privileges....
  Affected Products: command
  Published: Aug. 20, 2024
  Modified: Aug. 20, 2024
- CVE-2024-22069 (8.8 HIGH)
  There is a permission and access control vulnerability of ZTE's ZXV10 XT802/ET301 product. Attackers with common permissions can log in the terminal web and change the password of the administrator illegally by intercepting requests to change the passwords...
  Published: Aug. 08, 2024
  Modified: Aug. 20, 2024
- CVE-2024-39791 (10.0 CRITICAL)
  Stack-based buffer overflow vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to execute arbitrary code....
  Affected Products: var1200-h_firmware var1200-h var1200-l_firmware var1200-l var600-h_firmware var600-h vap11ac_firmware vap11ac vap11g-500s_firmware vap11g-500s +18 more products
  Published: Aug. 12, 2024
  Modified: Aug. 20, 2024
- CVE-2023-28074 (7.1 HIGH)
  Dell BSAFE Crypto-C Micro Edition, version 4.1.5, and Dell BSAFE Micro Edition Suite, versions 4.0 through 4.6.1 and version 5.0, contains an Out-of-bounds Read vulnerability. An unauthenticated attacker with local access could potentially exploit this vu...
  Published: Jul. 31, 2024
  Modified: Aug. 20, 2024
- CVE-2024-39815 (9.4 CRITICAL)
  Improper check or handling of exceptional conditions vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an unauthenticated remote attacker to cause a denial of serv...
  Affected Products: var1200-h_firmware var1200-h var1200-l_firmware var1200-l var600-h_firmware var600-h vap11ac_firmware vap11ac vap11g-500s_firmware vap11g-500s +18 more products
  Published: Aug. 12, 2024
  Modified: Aug. 20, 2024
- CVE-2024-37023 (9.9 CRITICAL)
  Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enable an authenticated remote attacker to execute arbitrary OS commands via various endpo...
  Affected Products: var1200-h_firmware var1200-h var1200-l_firmware var1200-l var600-h_firmware var600-h vap11ac_firmware vap11ac vap11g-500s_firmware vap11g-500s +18 more products
  Published: Aug. 12, 2024
  Modified: Aug. 20, 2024
- CVE-2024-29082 (8.8 HIGH)
  Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication and factory reset the device vi...
  Affected Products: var1200-h_firmware var1200-h var1200-l_firmware var1200-l var600-h_firmware var600-h vap11ac_firmware vap11ac vap11g-500s_firmware vap11g-500s +18 more products
  Published: Aug. 12, 2024
  Modified: Aug. 20, 2024
- CVE-2024-41161 (9.8 CRITICAL)
  Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and WiFi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administra...
  Affected Products: var1200-h_firmware var1200-h var1200-l_firmware var1200-l var600-h_firmware var600-h vap11ac_firmware vap11ac vap11g-500s_firmware vap11g-500s +18 more products
  Published: Aug. 08, 2024
  Modified: Aug. 20, 2024
- CVE-2024-42032 (5.5 MEDIUM)
  Access permission verification vulnerability in the Contacts module
  Impact: Successful exploitation of this vulnerability may affect service confidentiality....
  Published: Aug. 08, 2024
  Modified: Aug. 20, 2024
- CVE-2024-42030 (6.2 MEDIUM)
  Access permission verification vulnerability in the content sharing pop-up module
  Impact: Successful exploitation of this vulnerability may affect service confidentiality....
  Published: Aug. 08, 2024
  Modified: Aug. 20, 2024
- CVE-2024-42001 (9.8 CRITICAL)
  An improper authentication vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior enables an unauthenticated remote attacker to bypass authentication via a specially crafte...
  Affected Products: var1200-h_firmware var1200-h var1200-l_firmware var1200-l var600-h_firmware var600-h vap11ac_firmware vap11ac vap11g-500s_firmware vap11g-500s +18 more products
  Published: Aug. 12, 2024
  Modified: Aug. 20, 2024
- CVE-2024-41936 (8.7 HIGH)
  A directory traversal vulnerability affecting Vonets industrial wifi bridge relays and wifi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to read arbitrary files and bypass authentication....
  Affected Products: var1200-h_firmware var1200-h var1200-l_firmware var1200-l var600-h_firmware var600-h vap11ac_firmware vap11ac vap11g-500s_firmware vap11g-500s +18 more products
  Published: Aug. 12, 2024
  Modified: Aug. 20, 2024
- CVE-2024-5915 (7.8 HIGH)
  A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges....
  Affected Products: globalprotect
  Published: Aug. 14, 2024
  Modified: Aug. 20, 2024
- CVE-2024-5914 (9.8 CRITICAL)
  A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an unauthenticated attacker to execute arbitrary commands within the context of an integration container....
  Affected Products: cortex_xsoar_commonscripts
  Published: Aug. 14, 2024
  Modified: Aug. 20, 2024