Show filters
13,143 Total Results
Displaying 211-220 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Unknown
CVE-2024-6343
Disclosure Date: September 03, 2024 (last updated September 06, 2024)
A buffer overflow vulnerability in the CGI program of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.
0
Attacker Value
Unknown
CVE-2024-42060
Disclosure Date: September 03, 2024 (last updated September 06, 2024)
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50(W) series firmware versions from V4.16 through V5.38, and USG20(W)-VPN series firmware versions from V4.16 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted internal user agreement file to the vulnerable device.
0
Attacker Value
Unknown
CVE-2024-42059
Disclosure Date: September 03, 2024 (last updated September 06, 2024)
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V5.00 through V5.38, USG FLEX series firmware versions from V5.00 through V5.38, USG FLEX 50(W) series firmware versions from V5.00 through V5.38, and USG20(W)-VPN series firmware versions from V5.00 through V5.38 could allow an authenticated attacker with administrator privileges to execute some OS commands on an affected device by uploading a crafted compressed language file via FTP.
0
Attacker Value
Unknown
CVE-2024-20088
Disclosure Date: September 02, 2024 (last updated September 06, 2024)
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932099; Issue ID: MSV-1543.
0
Attacker Value
Unknown
CVE-2024-20087
Disclosure Date: September 02, 2024 (last updated September 06, 2024)
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1550.
0
Attacker Value
Unknown
CVE-2024-20086
Disclosure Date: September 02, 2024 (last updated September 06, 2024)
In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue ID: MSV-1551.
0
Attacker Value
Unknown
CVE-2024-20085
Disclosure Date: September 02, 2024 (last updated September 06, 2024)
In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944204; Issue ID: MSV-1560.
0
Attacker Value
Unknown
CVE-2024-20084
Disclosure Date: September 02, 2024 (last updated September 06, 2024)
In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944210; Issue ID: MSV-1561.
0
Attacker Value
Unknown
CVE-2024-39579
Disclosure Date: August 31, 2024 (last updated September 04, 2024)
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contains an incorrect privilege assignment vulnerability. A local high privileged attacker could potentially exploit this vulnerability to gain root-level access.
0
Attacker Value
Unknown
CVE-2024-39578
Disclosure Date: August 31, 2024 (last updated September 04, 2024)
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.
0