Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-30 | CVE-2024-47530 | Open Redirect vulnerability in Clinical-Genomics Scout Scout is a web-based visualizer for VCF-files. | 6.1 |
| 2024-09-30 | CVE-2024-47531 | Improper Encoding or Escaping of Output vulnerability in Clinical-Genomics Scout Scout is a web-based visualizer for VCF-files. | 3.5 |
| 2024-09-30 | CVE-2024-47532 | Unspecified vulnerability in Zope Restrictedpython RestrictedPython is a restricted execution environment for Python to run untrusted code. | 6.5 |
| 2024-09-30 | CVE-2024-47063 | Cross-site Scripting vulnerability in Cvat Computer Vision Annotation Tool Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. | 6.1 |
| 2024-09-30 | CVE-2024-47064 | Improper Neutralization of Script in an Error Message Web Page vulnerability in Cvat Computer Vision Annotation Tool Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. | 6.1 |
| 2024-09-30 | CVE-2024-47172 | Incorrect Authorization vulnerability in Cvat Computer Vision Annotation Tool Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. | 5.4 |
| 2024-09-30 | CVE-2024-45772 | Deserialization of Untrusted Data vulnerability in Apache Lucene Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator. This issue affects Apache Lucene's replicator module: from 4.4.0 before 9.12.0. The deprecated org.apache.lucene.replicator.http package is affected. The org.apache.lucene.replicator.nrt package is not affected. Users are recommended to upgrade to version 9.12.0, which fixes the issue. Java serialization filters (such as -Djdk.serialFilter='!*' on the commandline) can mitigate the issue on vulnerable versions without impacting functionality. | 8.0 |
| 2024-09-30 | CVE-2024-8453 | Use of a One-Way Hash without a Salt vulnerability in Planet Gs-4210-24P2S Firmware and Gs-4210-24Pl4C Firmware Certain switch models from PLANET Technology use an insecure hashing function to hash user passwords without being salted. | 4.9 |
| 2024-09-30 | CVE-2024-8454 | Resource Exhaustion vulnerability in Planet Gs-4210-24P2S Firmware and Gs-4210-24Pl4C Firmware The swctrl service is used to detect and remotely manage PLANET Technology devices. | 7.5 |
| 2024-09-30 | CVE-2024-8455 | Inadequate Encryption Strength vulnerability in Planet products The swctrl service is used to detect and remotely manage PLANET Technology devices. | 5.9 |