Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2024-11-18 CVE-2024-41971 A low privileged remote attacker can overwrite an arbitrary file on the filesystem leading to a DoS and data loss.
network
low complexity
CWE-22
8.1
2024-11-18 CVE-2024-41973 A low privileged remote attacker can specify an arbitrary file on the filesystem which may lead to arbitrary file writes with root privileges.
network
low complexity
CWE-35
8.1
2024-11-18 CVE-2024-41974 A low privileged remote attacker may modify the BACnet service properties due to incorrect permission assignment for critical resources, which may lead to a DoS limited to BACnet communication.
network
low complexity
CWE-732
7.1
2024-11-18 CVE-2024-42384 Integer Overflow or Wraparound vulnerability in Cesanta Mongoose
Integer Overflow or Wraparound vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application.
network
low complexity
cesanta CWE-190
7.5
2024-11-18 CVE-2024-42385 Unspecified vulnerability in Cesanta Mongoose
Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows triggering an out-of-bounds memory write if the PEM certificate contains unexpected characters.
local
high complexity
cesanta
7.0
2024-11-18 CVE-2024-42386 Unspecified vulnerability in Cesanta Mongoose
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application.
network
low complexity
cesanta
7.5
2024-11-18 CVE-2024-42392 Unspecified vulnerability in Cesanta Mongoose
Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows triggering an infinite loop bug if the input string contains unexpected characters.
network
low complexity
cesanta
7.5
2024-11-18 CVE-2024-41967 A low privileged remote attacker may modify the boot mode configuration setup of the device, leading to modification of the firmware upgrade process or a denial-of-service attack.
network
low complexity
CWE-306
8.1
2024-11-18 CVE-2024-41969 A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a missing authentication vulnerability which could lead to full system access and/or DoS.
network
low complexity
CWE-306
8.8
2024-11-18 CVE-2024-49574 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module.
network
low complexity
zohocorp CWE-89
8.8