Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-11-15 CVE-2021-34750 A vulnerability in the administrative web-based GUI configuration manager of Cisco Firepower Management Center Software could allow an authenticated, remote attacker to access sensitive configuration information.
network
low complexity
CWE-317
4.3
4.3
2024-11-15 CVE-2021-34751 A vulnerability in the administrative web-based GUI configuration manager of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to access sensitive configuration information.
network
low complexity
CWE-317
4.3
4.3
2024-11-15 CVE-2021-34753 A vulnerability in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. This vulnerability is due to incomplete processing during deep packet inspection for ENIP packets.
network
low complexity
CWE-284
5.8
5.8
2024-11-15 CVE-2022-20632 A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input.
network
low complexity
 6.1
6.1
2024-11-15 CVE-2022-20633 A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to perform a username enumeration attack against an affected device. This vulnerability is due to differences in authentication responses that are sent back from the application as part of an authentication attempt.
network
low complexity
CWE-204
5.3
5.3
2024-11-15 CVE-2024-11247 Code Injection vulnerability in Oretnom23 Online Eyewear Shop 1.0
A vulnerability has been found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic.
network
low complexity
oretnom23 CWE-94
5.4
5.4
2024-11-15 CVE-2024-11248 Stack-based Buffer Overflow vulnerability in Tenda Ac10 Firmware 16.03.10.13
A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical.
network
low complexity
tenda CWE-121
8.8
8.8
2024-11-15 CVE-2024-39726 XXE vulnerability in IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2/7.0.3
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
8.2
8.2
2024-11-15 CVE-2024-44625 Path Traversal vulnerability in Gogs
Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go.
network
low complexity
gogs CWE-22
8.8
8.8
2024-11-15 CVE-2024-50653 Unspecified vulnerability in Crmeb
CRMEB <=5.4.0 is vulnerable to Incorrect Access Control.
network
low complexity
crmeb
7.5
7.5