Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-14 | CVE-2024-48255 | SQL Injection vulnerability in Magicbug Cloudlog 2.6.15 Cloudlog 2.6.15 allows Oqrs.php get_station_info station_id SQL injection. | 9.8 |
| 2024-10-14 | CVE-2024-38862 | Information Exposure Through Log Files vulnerability in Checkmk 2.1.0/2.2.0 Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35, <2.1.0p48 and <=2.0.0p39 (EOL) causes SNMP and IMPI secrets of host and folder properties to be written to audit log files accessible to administrators. | 4.4 |
| 2024-10-14 | CVE-2024-38863 | Unspecified vulnerability in Checkmk 2.1.0/2.2.0 Exposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35 and <2.1.0p48 could lead to a leak of the token to facilitate targeted phishing attacks. | 7.5 |
| 2024-10-14 | CVE-2024-9923 | Unspecified vulnerability in Teamplus Team+ PRO The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with administrator privileges to move arbitrary system files to the website root directory and access them. | 4.9 |
| 2024-10-14 | CVE-2024-9924 | The fix for CVE-2024-26261 was incomplete, and and the specific package for OAKlouds from Hgiga remains at risk. network low complexity critical | 9.8 |
| 2024-10-14 | CVE-2024-9921 | SQL Injection vulnerability in Teamplus Team+ PRO The Team+ from TEAMPLUS TECHNOLOGY does not properly validate specific page parameter, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify and delete database contents. | 9.8 |
| 2024-10-14 | CVE-2024-9922 | Unspecified vulnerability in Teamplus Team+ PRO The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files. | 7.5 |
| 2024-10-13 | CVE-2024-9917 | Deserialization of Untrusted Data vulnerability in Usualtool Usualtoolcms 9.0 A vulnerability, which was classified as critical, was found in HuangDou UTCMS V9. | 4.9 |
| 2024-10-13 | CVE-2024-9918 | SQL Injection vulnerability in Usualtool Usualtoolcms 9.0 A vulnerability has been found in HuangDou UTCMS V9 and classified as critical. | 7.2 |
| 2024-10-13 | CVE-2024-9915 | Classic Buffer Overflow vulnerability in Dlink Dir-619L Firmware 2.06B1 A vulnerability classified as critical was found in D-Link DIR-619L B1 2.06. | 8.8 |