Total
8929 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-27120 | 1 Celsiusbenelux | 1 Comfortkey | 2024-08-20 | N/A | 7.5 HIGH |
| A Local File Inclusion vulnerability has been found in ComfortKey, a product of Celsius Benelux. Using this vulnerability, an unauthenticated attacker may retrieve sensitive information about the underlying system. The vulnerability has been remediated in version 24.1.2. | |||||
| CVE-2024-42657 | 1 Nepstech | 2 Ntpl-xpon1gfevn, Ntpl-xpon1gfevn Firmware | 2024-08-20 | N/A | 7.5 HIGH |
| An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the lack of encryption during login process | |||||
| CVE-2024-42658 | 1 Nepstech | 2 Ntpl-xpon1gfevn, Ntpl-xpon1gfevn Firmware | 2024-08-20 | N/A | 9.8 CRITICAL |
| An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the cookie's parameter | |||||
| CVE-2024-7925 | 1 Zzcms | 1 Zzcms | 2024-08-20 | 4.0 MEDIUM | 7.5 HIGH |
| A vulnerability was found in ZZCMS 2023. It has been rated as problematic. This issue affects some unknown processing of the file 3/E_bak5.1/upload/eginfo.php. The manipulation of the argument phome with the input ShowPHPInfo leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-31799 | 1 Gncchome | 2 Gncc C2, Gncc C2 Firmware | 2024-08-16 | N/A | 4.6 MEDIUM |
| Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via the UART Debugging Port. | |||||
| CVE-2024-41264 | 1 Casbin | 1 Casdoor | 2024-08-16 | N/A | 7.5 HIGH |
| An issue discovered in casdoor v1.636.0 allows attackers to obtain sensitive information via the ssh.InsecureIgnoreHostKey() method. | |||||
| CVE-2024-38200 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-08-13 | N/A | 6.5 MEDIUM |
| Microsoft Office Spoofing Vulnerability | |||||
| CVE-2024-34788 | 1 Ivanti | 1 Endpoint Manager Mobile | 2024-08-12 | N/A | 6.5 MEDIUM |
| An improper authentication vulnerability in web component of EPMM prior to 12.1.0.1 allows a remote malicious user to access potentially sensitive information | |||||
| CVE-2024-42394 | 2 Arubanetworks, Hp | 2 Arubaos, Instantos | 2024-08-12 | N/A | 9.8 CRITICAL |
| There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise. | |||||