Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-27 | CVE-2024-23586 | Insufficient Session Expiration vulnerability in Hcltech HCL Nomad HCL Nomad is susceptible to an insufficient session expiration vulnerability. | 7.5 |
| 2024-09-27 | CVE-2024-46453 | Cross-site Scripting vulnerability in Honeywell Iq3Xcite Firmware A cross-site scripting (XSS) vulnerability in the component /test/ of iq3xcite v2.31 to v3.05 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | 6.1 |
| 2024-09-27 | CVE-2024-47186 | Cross-site Scripting vulnerability in Filamentphp Filament Filament is a collection of full-stack components for Laravel development. | 6.1 |
| 2024-09-27 | CVE-2024-9291 | Cross-site Scripting vulnerability in Kvf-Admin Project Kvf-Admin 20220212 A vulnerability classified as problematic has been found in kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff. | 5.4 |
| 2024-09-27 | CVE-2024-9293 | SQL Injection vulnerability in Skyselang Yyladmin A vulnerability classified as critical was found in skyselang yylAdmin up to 3.0. | 8.8 |
| 2024-09-27 | CVE-2024-25412 | Cross-site Scripting vulnerability in Flatpress A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email field. | 6.1 |
| 2024-09-27 | CVE-2024-28948 | Cross-Site Request Forgery (CSRF) vulnerability in Advantech Adam-5630 Firmware Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. | 8.8 |
| 2024-09-27 | CVE-2024-34542 | Insufficiently Protected Credentials vulnerability in Advantech Adam-5630 Firmware Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process. | 5.7 |
| 2024-09-27 | CVE-2024-37187 | Insufficiently Protected Credentials vulnerability in Advantech Adam-5550 Firmware Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding. | 5.7 |
| 2024-09-27 | CVE-2024-38308 | Cross-site Scripting vulnerability in Advantech Adam 5550-Firmware Advantech ADAM 5550's web application includes a "logs" page where all the HTTP requests received are displayed to the user. | 6.1 |