7.5

CVSS3.1

CVE-2024-33342 -

D-Link DIR-822+ V1.0.5 was found to contain a command injection in SetPlcNetworkpwd function of prog.cgi, which allows remote attackers to execute arbitrary commands via shell.

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: May 21, 2025, 12:51 p.m.

6.8

CVSS3.1

CVE-2024-28326 -

Incorrect Access Control in ASUS RT-N12+ B1 and RT-N12 D1 routers allows local attackers to obtain root terminal access via the the UART interface.

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.1

CVSS3.1

CVE-2024-28325 -

Asus RT-N12+ B1 router stores credentials in cleartext, which could allow local attackers to obtain unauthorized access and modify router settings.

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.3

CVSS3.1

CVE-2023-47252 -

An issue was discovered in PnpSmm in Insyde InsydeH2O with kernel 5.0 through 5.6. There is a possible out-of-bounds access in the SMM communication buffer, leading to tampering. The PNP-related SMI sub-functions do not verify data size before getting it from the communication buffer, which could lโ€ฆ

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: July 29, 2025, 11:30 p.m.

5.4

CVSS3.1

CVE-2024-28328 -

CSV Injection vulnerability in the Asus RT-N12+ router allows administrator users to inject arbitrary commands or formulas in the client name parameter which can be triggered and executed in a different user session upon exporting to CSV format.

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.4

CVSS3.1

CVE-2024-28327 -

Asus RT-N12+ B1 router stores user passwords in plaintext, which could allow local attackers to obtain unauthorized access and modify router settings.

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.6

CVSS3.1

CVE-2024-33666 -

An issue was discovered in Zammad before 6.3.0. Users with customer access to a ticket could have accessed time accounting details of this ticket via the API. This data should be available only to agents.

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2025, 4:40 p.m.

9.1

CVSS3.1

CVE-2024-25343 -

Tenda N300 F3 router vulnerability allows users to bypass intended security policy and create weak passwords.

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: June 30, 2025, 2:06 p.m.

6

CVSS3.1

CVE-2024-32404 -

Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1, allows remote attackers to execute arbitrary code via a crafted payload to the Markup Sandbox feature.

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: June 30, 2025, 2:11 p.m.

7.5

CVSS3.1

CVE-2024-32406 -

Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function.

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: Dec. 17, 2025, 4:16 p.m.
Total resulsts: 349182
Page 10162 of 34,919
ยซ previous page ยป next page
Filters