Show filters
213 Total Results
Displaying 21-30 of 213
Sort by:
Attacker Value
Unknown
CVE-2024-12106
Disclosure Date: December 31, 2024 (last updated January 13, 2025)
In WhatsUp Gold versions released before 2024.0.2, an unauthenticated attacker can configure LDAP settings.
0
Attacker Value
Unknown
CVE-2024-12105
Disclosure Date: December 31, 2024 (last updated January 13, 2025)
In WhatsUp Gold versions released before 2024.0.2, an authenticated user can use a specially crafted HTTP request that can lead to information disclosure.
0
Attacker Value
Unknown
CVE-2024-8785
Disclosure Date: December 02, 2024 (last updated December 21, 2024)
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage NmAPI.exe to create or change an existing registry value in registry path HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Ipswitch\.
0
Attacker Value
Unknown
CVE-2024-46909
Disclosure Date: December 02, 2024 (last updated December 21, 2024)
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the service account.
0
Attacker Value
Unknown
CVE-2024-46908
Disclosure Date: December 02, 2024 (last updated December 21, 2024)
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required)
to achieve privilege escalation to the admin account.
0
Attacker Value
Unknown
CVE-2024-46907
Disclosure Date: December 02, 2024 (last updated December 21, 2024)
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.
0
Attacker Value
Unknown
CVE-2024-46906
Disclosure Date: December 02, 2024 (last updated December 21, 2024)
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated low-privileged user (at least Report Viewer permissions required) to achieve privilege escalation to the admin account.
0
Attacker Value
Unknown
CVE-2024-46905
Disclosure Date: December 02, 2024 (last updated December 21, 2024)
In WhatsUp Gold versions released before 2024.0.1, a SQL Injection vulnerability allows an authenticated lower-privileged user (at least Network Manager permissions required) to achieve privilege escalation to the admin account.
0
Attacker Value
Unknown
CVE-2024-8049
Disclosure Date: November 13, 2024 (last updated November 19, 2024)
In Progress Telerik Document Processing Libraries, versions prior to 2024 Q4 (2024.4.1106), importing a document with unsupported features can lead to excessive processing, leading to excessive use of computing resources leaving the application process unavailable.
0
Attacker Value
Unknown
CVE-2024-7295
Disclosure Date: November 13, 2024 (last updated November 19, 2024)
In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information.
0
