Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-10-15 CVE-2024-45275 The devices contain two hard-coded user accounts with hard-coded passwords that allow an unauthenticated remote attacker to take full control of the affected devices.
network
low complexity
mbconnectline helmholz
critical
9.8
2024-10-15 CVE-2024-47674 Incomplete Cleanup vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: mm: avoid leaving partial pfn mappings around in error case. As Jann points out, PFN mappings are special, because unlike normal memory mappings, there is no lifetime information associated with the mapping - it is just a raw mapping of PFNs with no reference counting of a 'struct page'. That's all very much intentional, but it does mean that it's easy to mess up the cleanup in case of errors.
local
low complexity
linux CWE-459
5.5
2024-10-15 CVE-2024-49382 Unspecified vulnerability in Acronis Cyber Protect 16
Excessive attack surface in archive-server service due to binding to an unrestricted IP address.
low complexity
acronis
4.3
2024-10-15 CVE-2024-49383 Unspecified vulnerability in Acronis Cyber Protect 16
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address.
low complexity
acronis
4.3
2024-10-15 CVE-2024-49384 Unspecified vulnerability in Acronis Cyber Protect 16
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address.
low complexity
acronis
4.3
2024-10-15 CVE-2024-49387 Cleartext Transmission of Sensitive Information vulnerability in Acronis Cyber Protect 16
Cleartext transmission of sensitive information in acep-collector service.
network
low complexity
acronis CWE-319
7.5
2024-10-15 CVE-2024-49388 Authorization Bypass Through User-Controlled Key vulnerability in Acronis Cyber Protect 16
Sensitive information manipulation due to improper authorization.
network
low complexity
acronis CWE-639
critical
9.1
2024-10-15 CVE-2024-9975 Unrestricted Upload of File with Dangerous Type vulnerability in Rems Drag and Drop Image Upload 1.0
A vulnerability was found in SourceCodester Drag and Drop Image Upload 1.0.
network
low complexity
rems CWE-434
8.8
2024-10-15 CVE-2024-9976 SQL Injection vulnerability in Code-Projects Pharmacy Management System 1.0
A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.0.
network
low complexity
code-projects CWE-89
critical
9.8
2024-10-15 CVE-2024-47945 Insufficient Entropy vulnerability in Rittal products
The devices are vulnerable to session hijacking due to insufficient entropy in their session ID generation algorithm.
network
low complexity
rittal CWE-331
critical
9.8