CVE-2024-37019 |
Description: Northern.tech Mender Enterprise before 3.6.4 and 3.7.x before 3.7.4 has Weak Authentication.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-37017 |
Description: asdcplib (aka AS-DCP Lib) 2.13.1 has a heap-based buffer over-read in ASDCP::TimedText::MXFReader::h__Reader::MD_to_TimedText_TDesc in AS_DCP_TimedText.cpp in libasdcp.so.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-36858 |
Description: An arbitrary file upload vulnerability in the /v1/app/writeFileSync interface of Jan v0.4.12 allows attackers to execute arbitrary code via uploading a crafted file.
EPSS Score: 0.13%
February 14th, 2025 (5 months ago)
|
CVE-2024-36857 |
Description: Jan v0.4.12 was discovered to contain an arbitrary file read vulnerability via the /v1/app/readFileSync interface.
EPSS Score: 0.1%
February 14th, 2025 (5 months ago)
|
CVE-2024-36845 |
Description: An invalid pointer in the modbus_receive() function of libmodbus v3.1.6 allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the unit-test-server.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-36844 |
Description: libmodbus v3.1.6 was discovered to contain a use-after-free via the ctx->backend pointer. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the unit-test-server.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-36823 |
Description: The encrypt() function of Ninja Core v7.0.0 was discovered to use a weak cryptographic algorithm, leading to a possible leakage of sensitive information.
EPSS Score: 0.09%
February 14th, 2025 (5 months ago)
|
CVE-2024-36801 |
Description: A SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the lgid parameter in Download.php.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-36800 |
Description: A SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the ID parameter in Download.php.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-36795 |
Description: Insecure permissions in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to access URLs and directories embedded within the firmware via unspecified vectors.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|