Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-12 | CVE-2024-44460 | Unspecified vulnerability in Emqx Nanomq 0.21.9: An invalid read size in Nanomq v0.21.9 allows attackers to cause a Denial of Service (DoS). | 7.5 |
2024-09-12 | CVE-2024-45607 | Unspecified vulnerability in Secreto31126 Whatsapp-Api-Js: whatsapp-api-js is a TypeScript server agnostic Whatsapp's Official API framework. | 5.3 |
2024-09-12 | CVE-2024-6077 | Unspecified vulnerability in Rockwellautomation products: A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. | 7.5 |
2024-09-12 | CVE-2024-8533 | Incorrect Default Permissions vulnerability in Rockwellautomation products: A privilege escalation vulnerability exists in the Rockwell Automation affected products. | 8.8 |
2024-09-12 | CVE-2024-25270 | Authorization Bypass Through User-Controlled Key vulnerability in Mirapolis LMS: An issue in Mirapolis LMS 4.6.XX allows authenticated users to exploit an Insecure Direct Object Reference (IDOR) vulnerability by manipulating the ID parameter and increment STEP parameter, leading to the exposure of sensitive user data. | 4.3 |
2024-09-12 | CVE-2024-34334 | SQL Injection vulnerability in Ordat Ordat.Erp: ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the forgot password function. | 7.5 |
2024-09-12 | CVE-2024-34335 | Cross-site Scripting vulnerability in Ordat Ordat.Erp: ORDAT FOSS-Online before version 2.24.01 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login page. | 6.1 |
2024-09-12 | CVE-2024-34336 | Information Exposure Through Discrepancy vulnerability in Ordat Ordat.Erp: User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password functionality. | 5.3 |
2024-09-12 | CVE-2024-36066 | Unspecified vulnerability in Keyfactor Ejbca 8.0.0: The CMP CLI client in KeyFactor EJBCA before 8.3.1 has only 6 octets of salt, and is thus not compliant with the security requirements of RFC 4211, and might make man-in-the-middle attacks easier. | 3.1 |
2024-09-12 | CVE-2024-45181 | Out-of-bounds Write vulnerability in Wibu Wibukey: An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70. | 7.8 |