Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-25 | CVE-2024-11658 | Command Injection vulnerability in Engeniustech products A vulnerability has been found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118 and classified as critical. | 7.2 |
2024-11-25 | CVE-2024-11655 | Command Injection vulnerability in Engeniustech products A vulnerability classified as critical was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. | 7.2 |
2024-11-25 | CVE-2024-11656 | Command Injection vulnerability in Engeniustech products A vulnerability, which was classified as critical, has been found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. | 7.2 |
2024-11-25 | CVE-2024-11653 | Command Injection vulnerability in Engeniustech products A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. | 7.2 |
2024-11-25 | CVE-2024-11654 | Command Injection vulnerability in Engeniustech products A vulnerability classified as critical has been found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. | 7.2 |
2024-11-25 | CVE-2024-11651 | Command Injection vulnerability in Engeniustech products A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. | 7.2 |
2024-11-25 | CVE-2024-11652 | Command Injection vulnerability in Engeniustech products A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. | 7.2 |
2024-11-24 | CVE-2024-11665 | Command Injection vulnerability in Echarge Salia Plcc Firmware Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in hardy-barth cph2_echarge_firmware allows OS Command Injection.This issue affects cph2_echarge_firmware: through 2.0.4. | 8.8 |
2024-11-24 | CVE-2024-11233 | Out-of-bounds Write vulnerability in PHP In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas. | 8.2 |
2024-11-24 | CVE-2024-11234 | Injection vulnerability in PHP In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user. | 7.2 |