Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-11-15 CVE-2024-43418 Cross-site Scripting vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package.
network
low complexity
glpi-project CWE-79
6.1
6.1
2024-11-15 CVE-2024-45608 SQL Injection vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package.
network
low complexity
glpi-project CWE-89
8.8
8.8
2024-11-15 CVE-2024-11250 SQL Injection vulnerability in Code-Projects Inventory Management 1.0
A vulnerability was found in code-projects Inventory Management up to 1.0.
network
low complexity
code-projects CWE-89
critical
 9.8
9.8
2024-11-15 CVE-2024-40638 Unspecified vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package.
network
low complexity
glpi-project
8.8
8.8
2024-11-15 CVE-2024-41678 Cross-site Scripting vulnerability in Glpi-Project Glpi
GLPI is a free asset and IT management software package.
network
low complexity
glpi-project CWE-79
6.1
6.1
2024-11-15 CVE-2021-1464 A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization checking and gain restricted access to the configuration information of an affected system. This vulnerability exists because the affected software has insufficient input validation for certain commands.
network
low complexity
CWE-20
5.0
5.0
2024-11-15 CVE-2021-1470 A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper input validation of SQL queries to an affected system.
network
low complexity
CWE-20
4.9
4.9
2024-11-15 CVE-2021-1481 A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affected system. This vulnerability is due to insufficient input validation by the web-based management interface.
network
low complexity
CWE-943
4.3
4.3
2024-11-15 CVE-2021-1482 A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization checking and gain access to sensitive information on an affected system. This vulnerability is due to insufficient authorization checks.
network
low complexity
CWE-20
6.4
6.4
2024-11-15 CVE-2021-1483 A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. This vulnerability is due to improper handling of XML External Entity (XXE) entries when the affected software parses certain XML files.
network
low complexity
CWE-611
6.4
6.4