Vulnerabilities

| DATE | CVE | VULNERABILITY TITLE | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | SEVERITY | SCORE |
|---|---|---|---|---|---|---|---|---|
| 2024-11-15 | CVE-2023-20125 | A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an unauthenticated, remote attacker to exhaust system resources, causing a denial of service (DoS) condition. This vulnerability exists because rate limiting does not occur for certain incoming TCP connections. | network | low complexity | | CWE-400 | | 8.6 |
| 2024-11-15 | CVE-2023-20154 | A vulnerability in the external authentication mechanism of Cisco Modeling Labs could allow an unauthenticated, remote attacker to access the web interface with administrative privileges. This vulnerability is due to the improper handling of certain messages that are returned by the associated external authentication server. | network | low complexity | | CWE-305 | critical | 9.1 |
| 2024-11-15 | CVE-2024-11241 | SQL Injection vulnerability in Anisha JOB Recruitment 1.0. A vulnerability was found in code-projects Job Recruitment 1.0. | network | low complexity | anisha | CWE-89 | | 7.5 |
| 2024-11-15 | CVE-2024-20373 | A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic. This vulnerability exists because Cisco IOS Software and Cisco IOS XE Software do not support extended IPv4 ACLs for SNMP, but they do allow administrators to configure extended named IPv4 ACLs that are attached to the SNMP server configuration without a warning message. | network | low complexity | | CWE-284 | | 5.3 |
| 2024-11-15 | CVE-2024-41785 | IBM Concert Software 1.0.0 through 1.0.1 is vulnerable to cross-site scripting. | network | low complexity | | CWE-79 | | 6.1 |
| 2024-11-15 | CVE-2024-43189 | IBM Concert Software 1.0.0 through 1.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | network | high complexity | | CWE-327 | | 5.9 |
| 2024-11-15 | CVE-2024-11239 | Path Traversal vulnerability in Landray EKP 12.0.9.R.20160325. A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. | network | low complexity | landray | CWE-22 | | 4.3 |
| 2024-11-15 | CVE-2024-11240 | Cross-site Scripting vulnerability in Ibphoenix Ibwebadmin. A vulnerability was found in IBPhoenix ibWebAdmin up to 1.0.2 and classified as problematic. | network | low complexity | ibphoenix | CWE-79 | | 6.1 |
| 2024-11-15 | CVE-2024-11238 | Path Traversal vulnerability in Landray EKP 12.0.9.R.20160325. A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. | network | low complexity | landray | CWE-22 | | 5.3 |
| 2024-11-15 | CVE-2024-11237 | Out-of-bounds Write vulnerability in Tp-Link Vn020-F3V(T) Firmware Ttv6.2.1021. A vulnerability, which was classified as critical, has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. | network | low complexity | tp-link | CWE-787 | critical | 9.8 |