CVE-2024-20381 : CISCO IOS XR JSON-RPC API IMPROPER AUTHORIZATION
Description A vulnerability in the JSON-RPC API feature in ConfD that is used by the web-based management interfaces of Cisco
Description A vulnerability in the JSON-RPC API feature in ConfD that is used by the web-based management interfaces of Cisco
Description COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers can send POST request messages to /usr/bin/webmgnt
Description In the Linux kernel, the following vulnerability has been resolved: nvme: move stopping keep-alive into nvme_uninit_ctrl() Commit 4733b65d82bd (“nvme:
Description A vulnerability in significant-gravitas/autogpt version 0.5.1 allows an attacker to bypass the shell commands denylist settings. The issue arises
Description A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. With this vulnerability,
Description A vulnerability, which was classified as problematic, was found in JFinalCMS up to 20240903. This affects the function update
Description A vulnerability, which was classified as problematic, has been found in Kaon CG3000 1.01.43. Affected by this issue is
Description A vulnerability classified as critical was found in TDuckCloud TDuckPro up to 6.3. Affected by this vulnerability is an
Description An improper authorization vulnerability [CWE-285] in FortiSOAR version 7.4.0 through 7.4.3, 7.3.0 through 7.3.2, 7.2.0 through 7.2.2, 7.0.0 through
Description Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update