Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-19 | CVE-2024-45861 | Use of Hard-coded Credentials vulnerability in Kastle Access Control System Firmware Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if accessed may allow an attacker to access sensitive information. | 7.5 |
| 2024-09-19 | CVE-2024-45862 | Cleartext Storage of Sensitive Information vulnerability in Kastle Access Control System Firmware Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information. | 7.5 |
| 2024-09-19 | CVE-2024-8698 | A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. | 7.7 |
| 2024-09-19 | CVE-2024-8883 | Open Redirect vulnerability in Redhat products A misconfiguration flaw was found in Keycloak. | 6.1 |
| 2024-09-19 | CVE-2024-46394 | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/?/user/add | 8.8 |
| 2024-09-19 | CVE-2024-46382 | SQL Injection vulnerability in Linlinjava Litemall 1.8.0 A SQL injection vulnerability in linlinjava litemall 1.8.0 allows a remote attacker to obtain sensitive information via the goodsId, goodsSn, and name parameters in AdminGoodscontroller.java. | 7.5 |
| 2024-09-19 | CVE-2024-45769 | A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash. local low complexity | 5.5 |
| 2024-09-19 | CVE-2024-45770 | A vulnerability was found in Performance Co-Pilot (PCP). | 4.4 |
| 2024-09-19 | CVE-2024-47087 | Unspecified vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in Apex Softcell LD Geo due to improper validation of the certain parameters (Client ID, DPID or BOID) in the API endpoint. | 6.5 |
| 2024-09-19 | CVE-2024-47088 | Improper Restriction of Excessive Authentication Attempts vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive failed authentication attempts on its API based login. | 9.8 |