Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-11-18 CVE-2024-42392 Unspecified vulnerability in Cesanta Mongoose
Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an infinite loop bug if the input string contains unexpected characters.
network
low complexity
cesanta
7.5
7.5
2024-11-18 CVE-2024-41967 A low privileged remote attacker may modify the boot mode configuration setup of the device, leading to modification of the firmware upgrade process or a denial-of-service attack.
network
low complexity
CWE-306
8.1
8.1
2024-11-18 CVE-2024-41968 A low privileged remote attacker may modify the docker settings setup of the device, leading to a limited DoS.
network
low complexity
 5.4
5.4
2024-11-18 CVE-2024-41969 A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a missing authentication vulnerability which could lead to full system access and/or DoS.
network
low complexity
CWE-306
8.8
8.8
2024-11-18 CVE-2024-49574 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-11-18 CVE-2024-11311 Unrestricted Upload of File with Dangerous Type vulnerability in Trcore DVC
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files.
network
low complexity
trcore CWE-434
critical
 9.8
9.8
2024-11-18 CVE-2024-11312 Unrestricted Upload of File with Dangerous Type vulnerability in Trcore DVC
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files.
network
low complexity
trcore CWE-434
critical
 9.8
9.8
2024-11-18 CVE-2024-11313 Unrestricted Upload of File with Dangerous Type vulnerability in Trcore DVC
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files.
network
low complexity
trcore CWE-434
critical
 9.8
9.8
2024-11-18 CVE-2024-11314 Unrestricted Upload of File with Dangerous Type vulnerability in Trcore DVC
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files.
network
low complexity
trcore CWE-434
critical
 9.8
9.8
2024-11-18 CVE-2024-11315 Unrestricted Upload of File with Dangerous Type vulnerability in Trcore DVC
The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files.
network
low complexity
trcore CWE-434
critical
 9.8
9.8