Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-16 | CVE-2024-47188 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Oisf Suricata Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. | 7.5 |
| 2024-10-16 | CVE-2024-20420 | Unspecified vulnerability in Cisco ATA 191 Firmware and ATA 192 Firmware A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with low privileges to run commands as an Admin user. | 8.8 |
| 2024-10-16 | CVE-2024-20458 | OS Command Injection vulnerability in Cisco ATA 191 Firmware and ATA 192 Firmware A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to view or delete the configuration or change the firmware on an affected device. This vulnerability is due to a lack of authentication on specific HTTP endpoints. | 8.2 |
| 2024-10-16 | CVE-2024-20459 | OS Command Injection vulnerability in Cisco ATA 191 Firmware and ATA 192 Firmware A vulnerability in the web-based management interface of Cisco ATA 190 Multiplatform Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with high privileges to execute arbitrary commands as the root user on the underlying operating system. This vulnerability is due to a lack of input sanitization in the web-based management interface. | 7.2 |
| 2024-10-16 | CVE-2024-20463 | Unspecified vulnerability in Cisco ATA 191 Firmware and ATA 192 Firmware A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to modify the configuration or reboot an affected device. This vulnerability is due to the HTTP server allowing state changes in GET requests. | 7.1 |
| 2024-10-16 | CVE-2024-38814 | SQL Injection vulnerability in VMWare HCX 4.10.0 An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. | 8.8 |
| 2024-10-16 | CVE-2024-4184 | XXE vulnerability in Microfocus Application Automation Tools Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below. | 8.0 |
| 2024-10-16 | CVE-2024-4189 | XXE vulnerability in Microfocus Application Automation Tools Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below. | 8.0 |
| 2024-10-16 | CVE-2024-4690 | XXE vulnerability in Microfocus Application Automation Tools Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below. | 8.0 |
| 2024-10-16 | CVE-2024-10023 | SQL Injection vulnerability in Code-Projects Pharmacy Management System 1.0 A vulnerability classified as critical was found in code-projects Pharmacy Management System 1.0. | 8.8 |