Total
3530 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-25157 | 1 Fortra | 1 Goanywhere Managed File Transfer | 2024-08-19 | N/A | 6.5 MEDIUM |
| An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with access to the Agent Console to circumvent some permission checks when attempting to visit other pages. This could lead to unauthorized information disclosure or modification. | |||||
| CVE-2024-6078 | 2024-08-15 | N/A | N/A | ||
| CVE-2024-6078 IMPACT An improper authentication vulnerability exists in the affected product, which could allow a malicious user to generate cookies for any user ID without the use of a username or password. If exploited, a malicious user could take over the account of a legitimate user. The malicious user would be able to view and modify data stored in the cloud. | |||||
| CVE-2022-4002 | 1 Motorola | 2 Q14, Q14 Firmware | 2024-08-13 | N/A | 7.2 HIGH |
| A command injection vulnerability could allow an authenticated user to execute operating system commands as root via a specially crafted API request. | |||||
| CVE-2019-6198 | 1 Lenovo | 1 Pcmanager | 2024-08-13 | N/A | 7.8 HIGH |
| A vulnerability was reported in Lenovo PC Manager prior to versionĀ 2.8.90.11211 that could allow a local attacker to escalate privileges. | |||||
| CVE-2019-6197 | 1 Lenovo | 1 Pcmanager | 2024-08-13 | N/A | 7.8 HIGH |
| A vulnerability was reported in Lenovo PC Manager prior to version 2.8.90.11211 that could allow a local attacker to escalate privileges. | |||||
| CVE-2024-35775 | 2024-08-13 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'), Improper Authentication vulnerability in Soliloquy Team Slider by Soliloquy allows Cross-Site Scripting (XSS).This issue affects Slider by Soliloquy: from n/a through 2.7.6. | |||||
| CVE-2024-34788 | 1 Ivanti | 1 Endpoint Manager Mobile | 2024-08-12 | N/A | 6.5 MEDIUM |
| An improper authentication vulnerability in web component of EPMM prior to 12.1.0.1 allows a remote malicious user to access potentially sensitive information | |||||
| CVE-2024-7395 | 2024-08-06 | N/A | N/A | ||
| An authentication bypass vulnerability in Korenix JetPort 5601v3 allows an attacker to access functionality on the device without specifying a password.This issue affects JetPort 5601v3: through 1.2. | |||||
| CVE-2022-4001 | 2024-08-01 | N/A | 7.3 HIGH | ||
| An authentication bypass vulnerability could allow an attacker to access API functions without authentication. | |||||
| CVE-2008-1683 | 2024-04-16 | N/A | N/A | ||
| Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-0887. Reason: This candidate is a duplicate of CVE-2008-0887. Notes: All CVE users should reference CVE-2008-0887 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||