Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-14 | CVE-2024-30117 | Uncontrolled Search Path Element vulnerability in Hcltech Bigfix Platform A dynamic search for a prerequisite library could allow the possibility for an attacker to replace the correct file under some circumstances. | 5.3 |
| 2024-10-14 | CVE-2024-35518 | Command Injection vulnerability in Netgear Ex6120 Firmware Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the wan_dns1_pri parameter. | 6.8 |
| 2024-10-14 | CVE-2024-35519 | Command Injection vulnerability in Netgear Ex3700 Firmware, Ex6100 Firmware and Ex6120 Firmware Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi via the ap_mode parameter. | 6.8 |
| 2024-10-14 | CVE-2024-35520 | Command Injection vulnerability in Netgear R7000 Firmware 1.0.11.136 Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2 parameter. | 6.8 |
| 2024-10-14 | CVE-2024-9953 | Deserialization of Untrusted Data vulnerability in Cert Vince A potential denial-of-service (DoS) vulnerability exists in CERT VINCE software versions prior to 3.0.8. | 4.9 |
| 2024-10-14 | CVE-2024-48909 | Unspecified vulnerability in Authzed Spicedb SpiceDB is an open source database for scalably storing and querying fine-grained authorization data. | 2.4 |
| 2024-10-14 | CVE-2024-48911 | Incorrect Authorization vulnerability in Thinkst Opencanary OpenCanary, a multi-protocol network honeypot, directly executed commands taken from its config file. | 7.8 |
| 2024-10-14 | CVE-2024-6207 | Unspecified vulnerability in Rockwellautomation products CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and send a specially crafted CIP message to the device. | 7.5 |
| 2024-10-14 | CVE-2024-46980 | Cross-site Scripting vulnerability in Enalean Tuleap Tuleap is a tool for end to end traceability of application and system developments. | 4.8 |
| 2024-10-14 | CVE-2024-46988 | Improper Handling of Exceptional Conditions vulnerability in Enalean Tuleap Tuleap is a tool for end to end traceability of application and system developments. | 5.7 |