Show filters
325,667 Total Results
Displaying 1,041-1,050 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Unknown
CVE-2024-43693
Disclosure Date: September 25, 2024 (last updated October 02, 2024)
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE
UTILITY sub-menu can allow a remote attacker to inject arbitrary
commands.
0
Attacker Value
Unknown
CVE-2024-43692
Disclosure Date: September 25, 2024 (last updated October 02, 2024)
An attacker can directly request the ProGauge MAGLINK LX CONSOLE
resource sub page with full privileges by requesting the URL directly.
0
Attacker Value
Unknown
CVE-2024-43423
Disclosure Date: September 25, 2024 (last updated October 02, 2024)
The web application for ProGauge MAGLINK LX4 CONSOLE contains an
administrative-level user account with a password that cannot be
changed.
0
Attacker Value
Unknown
CVE-2024-42797
Disclosure Date: September 25, 2024 (last updated September 25, 2024)
An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_playlist in Kashipara Music Management System v1.0. This vulnerability allows an unauthenticated attacker to delete the valid music playlist entries.
0
Attacker Value
Unknown
CVE-2024-42507
Disclosure Date: September 25, 2024 (last updated September 25, 2024)
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
0
Attacker Value
Unknown
CVE-2024-42506
Disclosure Date: September 25, 2024 (last updated September 25, 2024)
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
0
Attacker Value
Unknown
CVE-2024-42505
Disclosure Date: September 25, 2024 (last updated September 25, 2024)
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
0
Attacker Value
Unknown
CVE-2024-41725
Disclosure Date: September 25, 2024 (last updated October 01, 2024)
ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input
fields that are used to render pages which may allow cross site
scripting.
0
Attacker Value
Unknown
CVE-2024-39928
Disclosure Date: September 25, 2024 (last updated September 25, 2024)
In Apache Linkis <= 1.5.0, a Random string security vulnerability in Spark EngineConn, random string generated by the Token when starting Py4j uses the Commons Lang's RandomStringUtils.
Users are recommended to upgrade to version 1.6.0, which fixes this issue.
0
Attacker Value
Unknown
CVE-2024-38324
Disclosure Date: September 25, 2024 (last updated October 01, 2024)
IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system.
0