Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-18 | CVE-2024-31196 | NULL Pointer Dereference vulnerability in Opennetworking Libfluid MSG 0.1.0 Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). | 7.5 |
| 2024-09-18 | CVE-2024-31197 | Unspecified vulnerability in Opennetworking Libfluid MSG 0.1.0 Improper Null Termination vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). | 7.5 |
| 2024-09-18 | CVE-2024-31198 | Out-of-bounds Read vulnerability in Opennetworking Libfluid MSG 0.1.0 Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). | 7.5 |
| 2024-09-18 | CVE-2024-39081 | Authentication Bypass by Capture-replay vulnerability in Jktyre Smart Tyre CAR & Bike 4.2.0 An issue in SMART TYRE CAR & BIKE v4.2.0 allows attackers to perform a man-in-the-middle attack via Bluetooth communications. | 4.2 |
| 2024-09-18 | CVE-2024-8891 | Unspecified vulnerability in Circutor Q-Smt Firmware 1.0.4 An attacker with no knowledge of the current users in the web application, could build a dictionary of potential users and check the server responses as it indicates whether or not the user is present in CIRCUTOR Q-SMT in its firmware version 1.0.4. | 5.3 |
| 2024-09-18 | CVE-2024-8890 | Unspecified vulnerability in Circutor Q-Smt Firmware 1.0.4 An attacker with access to the network where the CIRCUTOR Q-SMT is located in its firmware version 1.0.4, could obtain legitimate credentials or steal sessions due to the fact that the device only implements the HTTP protocol. low complexity circutor | 8.8 |
| 2024-09-18 | CVE-2024-8892 | Unspecified vulnerability in Circutor Tcp2Rs+ Firmware 1.3B Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify any configuration value, even if the device has the user/password authentication option enabled, without authentication by sending packets through the UDP protocol and port 2000, deconfiguring the device and thus disabling its use. | 9.1 |
| 2024-09-18 | CVE-2024-43188 | Unspecified vulnerability in IBM Business Automation Workflow IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 could allow a privileged user to perform unauthorized activities due to improper client side validation. | 4.9 |
| 2024-09-18 | CVE-2024-8888 | Insufficient Session Expiration vulnerability in Circutor Q-Smt Firmware 1.0.4 An attacker with access to the network where CIRCUTOR Q-SMT is located in its firmware version 1.0.4, could steal the tokens used on the web, since these have no expiration date to access the web application without restrictions. | 7.5 |
| 2024-09-18 | CVE-2024-8889 | Unspecified vulnerability in Circutor Tcp2Rs+ Firmware 1.3B Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify any configuration value, even if the device has the user/password authentication option enabled, without authentication by sending packets through the UDP protocol and port 2000, deconfiguring the device and thus disabling its use. | 9.1 |