Search
Search Results (8010 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-7729 | 1 Cayintech | 15 Cms-20, Cms-60, Cms-se and 12 more | 2024-08-16 | 7.5 High |
| The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers to download arbitrary CGI files. | ||||
| CVE-2024-40704 | 1 Ibm | 1 Infosphere Information Server | 2024-08-15 | 4.9 Medium |
| IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive information from authentication request headers. IBM X-Force ID: 298277. | ||||
| CVE-2024-43141 | 1 Rolandbarkerxnauwebdesign | 1 Participants Database | 2024-08-15 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Roland Barker, xnau webdesign Participants Database allows Object Injection.This issue affects Participants Database: from n/a through 2.5.9.2. | ||||
| CVE-2024-40464 | 1 Beego | 1 Beego | 2024-08-15 | 8.8 High |
| An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the sendMail function located in beego/core/logs/smtp.go file | ||||
| CVE-2024-41683 | 1 Siemens | 2 Location Intelligence, Location Intelligence Family | 2024-08-14 | 5.3 Medium |
| A vulnerability has been identified in Location Intelligence family (All versions < V4.4). Affected products do not properly enforce a strong user password policy. This could facilitate a brute force attack against legitimate user passwords. | ||||
| CVE-2024-41906 | 1 Siemens | 1 Sinec Traffic Analyzer | 2024-08-14 | 4.8 Medium |
| A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V2.0). The affected application does not properly handle cacheable HTTP responses in the web service. This could allow an attacker to read and modify data stored in the local cache. | ||||
| CVE-2024-32931 | 1 Johnsoncontrols | 1 Exacqvision Web Service | 2024-08-09 | 5.7 Medium |
| Under certain circumstances the exacqVision Web Service can expose authentication token details within communications. | ||||
| CVE-2024-39636 | 1 Codesolz | 1 Better Find And Replace | 2024-08-07 | 8.3 High |
| Deserialization of Untrusted Data vulnerability in CodeSolz Better Find and Replace.This issue affects Better Find and Replace: from n/a through 1.6.1. | ||||
| CVE-2024-41265 | 1 Linuxfoundation | 1 Cortex | 2024-08-02 | 7.5 High |
| A TLS certificate verification issue discovered in cortex v0.42.1 allows attackers to obtain sensitive information via the makeOperatorRequest function. | ||||
| CVE-2024-41253 | 1 Goframe | 1 Goframe | 2024-08-01 | 7.1 High |
| goframe v2.7.2 is configured to skip TLS certificate verification, possibly allowing attackers to execute a man-in-the-middle attack via the gclient component. | ||||