CVE-2024-8693 : KAON CG3000 1.01.43 DHCPCD COMMAND -H CROSS SITE SCRIPTING

Description A vulnerability, which was classified as problematic, has been found in Kaon CG3000 1.01.43. Affected by this issue is

Description A vulnerability classified as critical was found in TDuckCloud TDuckPro up to 6.3. Affected by this vulnerability is an

Description An improper authorization vulnerability [CWE-285] in FortiSOAR version 7.4.0 through 7.4.3, 7.3.0 through 7.3.2, 7.2.0 through 7.2.2, 7.0.0 through

Description Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update

Description Versions of the package dset before 3.1.4 are vulnerable to Prototype Pollution via the dset function due improper user

Description Inclusion of Functionality from Untrusted Control Sphere(CWE-829) in the Command Centre Server and Workstations may allow an attacker to

Description An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial to enumerate database records. By default, VICIdial

Description The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in

Description DLL hijacking in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker

Description body-parser is Node.js body parsing middleware. body-parser

Description SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload specially crafted malicious files without

Description Nix is a package manager for Linux and other Unix systems. A bug in Nix 2.24 prior to 2.24.6

Description An issue was discovered in Samsung Mobile Processor Exynos 1480, Exynos 2400. The xclipse amdgpu driver has a reference

Description Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled

Description **UNSUPPORTED WHEN ASSIGNED** A command injection vulnerability in the export-cgi program of Zyxel NAS326 firmware versions through V5.21(AAZF.18)C0 and

Description This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to improper access controls on certain

Description A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document

Description Orca HCM from LEARNING DIGITAL does not properly restrict access to a specific functionality, allowing unauthenticated remote attacker to

Description Bypass incomplete fix of CVE-2024-27980, that arises from improper handling of batch files with all possible extensions on Windows

Description IBM MQ Operator 2.0.26 and 3.2.4 could allow an authenticated user in a specifically defined role, to bypass security

Description A vulnerability, which was classified as critical, has been found in itsourcecode Payroll Management System 1.0. This issue affects

Description A vulnerability was found in SourceCodesters Clinics Patient Management System 2.0. It has been rated as critical. This issue

Description A vulnerability was found in lmxcms up to 1.4 and classified as critical. Affected by this issue is the