CVE-2024-39907 : 1PANEL 1.10.9-TLS/1.10.10-TLS/1.10.11-TLS SQL INJECTION
Description 1Panel is a web-based linux server management control panel. There are many sql injections in the project, and some of them are not well…
CVE-2024-20401 : CISCO SECURE EMAIL CONTENT SCANNING/MESSAGE FILTERING ABSOLUTE PATH TRAVERSAL
Description A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to overwrite arbitrary…
CVE-2024-23467 : SOLARWINDS ACCESS RIGHTS MANAGER UP TO 2023.2.4 PATH TRAVERSAL
Description The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform remote…
CVE-2024-5471 : ZOHO MANAGEENGINE DDI CENTRAL UP TO 4001 AGENT HARD-CODED CREDENTIALS
Description Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to agent takeover vulnerability due to the hard-coded sensitive keys. References https://www.manageengine.com/dns-dhcp-ipam/security-updates/cve-2024-5471.html For More…
CVE-2024-29737 : APACHE STREAMPARK UP TO 2.1.3 PROJECT MODULE COMMAND INJECTION
Description In streampark, the project module integrates Maven's compilation capabilities. The input parameter validation is not strict, allowing attackers to insert commands for remote command…
CVE-2024-41010 : LINUX KERNEL 6.6 NETWORK NAME TCF_CHAIN0_HEAD_CHANGE_CB_DEL USE AFTER FREE
Description In the Linux kernel, the following vulnerability has been resolved: bpf: Fix too early release of tcx_entry Pedro Pinto and later independently also Hyunwoo…