Vulnerabilities

DATE	CVE	VULNERABILITY TITLE	RISK
2024-11-06	CVE-2024-20539	Cross-site Scripting vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct a stored XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not sufficiently validate user-supplied input. network low complexity cisco CWE-79	4.8
2024-11-06	CVE-2024-10919	OS Command Injection vulnerability in Didi Super-Jacoco 1.0 A vulnerability has been found in didi Super-Jacoco 1.0 and classified as critical. network low complexity didi CWE-78 critical	9.8
2024-11-06	CVE-2024-10920	Use of Hard-coded Credentials vulnerability in Mariazevedo88 Travels-Java-Api A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as problematic. network high complexity mariazevedo88 CWE-798	3.7
2024-11-06	CVE-2024-10916	Unspecified vulnerability in Dlink products A vulnerability classified as problematic has been found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. network low complexity dlink	5.3
2024-11-06	CVE-2024-35146	IBM Maximo Application Suite - Monitor Component 8.10.11, 8.11.8, and 9.0.0 is vulnerable to cross-site scripting. network low complexity CWE-79	5.4
2024-11-06	CVE-2024-6861	A disclosure of sensitive information flaw was found in foreman via the GraphQL API. network low complexity CWE-200	7.5
2024-11-06	CVE-2020-11859	Cross-site Scripting vulnerability in Microfocus Imanager Improper Input Validation vulnerability in OpenText iManager allows Cross-Site Scripting (XSS). This issue affects iManager before 3.2.3 network low complexity microfocus CWE-79	5.4
2024-11-06	CVE-2024-10914	Unspecified vulnerability in Dlink products A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. network low complexity dlink critical	9.8
2024-11-06	CVE-2024-10915	OS Command Injection vulnerability in Dlink products A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. network low complexity dlink CWE-78 critical	9.8
2024-11-06	CVE-2024-10186	Cross-site Scripting vulnerability in Avecnous Event Post The Event post plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's events_cal shortcode in all versions up to, and including, 5.9.6 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity avecnous CWE-79	5.4

Vulnerabilities {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities"}]}

Vulnerabilities