4.4

CVSS3.1

CVE-2024-0139 -

NVIDIA Base Command Manager and Bright Cluster Manager for Linux contain an insecure temporary file vulnerability. A successful exploit of this vulnerability might lead to denial of service.

πŸ“… Published: Dec. 6, 2024, 7:37 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.1

CVSS4.0

CVE-2024-47146 - Ruijie Reyee OS Resource Leak

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to obtain the devices serial number if physically adjacent and sniffing the RAW WIFI signal.

πŸ“… Published: Dec. 6, 2024, 6:27 p.m. πŸ”„ Last Modified: Dec. 10, 2024, 7:45 p.m.

9.2

CVSS4.0

CVE-2024-52324 - Ruijie Reyee OS Use of Inherently Dangerous Function

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses an inherently dangerous function which could allow an attacker to send a malicious MQTT message resulting in devices executing arbitrary OS commands.

πŸ“… Published: Dec. 6, 2024, 6:25 p.m. πŸ”„ Last Modified: Dec. 10, 2024, 7:42 p.m.

9.3

CVSS4.0

CVE-2024-48874 - Ruijie Reyee OS Server-Side Request Forgery

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie's proxy servers to perform any request the attackers choose. Using this, attackers could access internal services used by Ruijie and their internal cloud infrastructure via AWS cloud me…

πŸ“… Published: Dec. 6, 2024, 6:22 p.m. πŸ”„ Last Modified: Dec. 10, 2024, 7:44 p.m.

9.2

CVSS4.0

CVE-2024-46874 - Ruijie Reyee OS Improper Handling of Insufficient Permissions or Privileges

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients connecting with device credentials to send messages to some topics. Attackers with device credentials could issue commands to other devices on behalf of Ruijie's cloud.

πŸ“… Published: Dec. 6, 2024, 6:18 p.m. πŸ”„ Last Modified: Dec. 10, 2024, 7:49 p.m.

8.7

CVSS4.0

CVE-2024-47791 - Ruijie Reyee OS Improper Neutralization of Wildcards or Matching Symbols

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to subscribe to partial possible topics in Ruijie MQTT broker, and receive partial messages being sent to and from devices.

πŸ“… Published: Dec. 6, 2024, 6:16 p.m. πŸ”„ Last Modified: Dec. 10, 2024, 7:44 p.m.

8.7

CVSS4.0

CVE-2024-45722 - Ruijie Reyee OS Use of Weak Credentials

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses weak credential mechanism that could allow an attacker to easily calculate MQTT credentials.

πŸ“… Published: Dec. 6, 2024, 6:13 p.m. πŸ”„ Last Modified: Dec. 10, 2024, 7:49 p.m.

8.7

CVSS4.0

CVE-2024-47043 - Ruijie Reyee OS Insecure Storage of Sensitive Information

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could enable an attacker to correlate a device serial number and the user's phone number and part of the email address.

πŸ“… Published: Dec. 6, 2024, 6:12 p.m. πŸ”„ Last Modified: Dec. 10, 2024, 6:32 p.m.

7.1

CVSS4.0

CVE-2024-51727 - Ruijie Reyee OS Premature Release of Resource During Expected Lifetime

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a feature that could enable attackers to invalidate a legitimate user's session and cause a denial-of-service attack on a user's account.

πŸ“… Published: Dec. 6, 2024, 6:10 p.m. πŸ”„ Last Modified: Dec. 10, 2024, 7:51 p.m.

7.1

CVSS4.0

CVE-2024-42494 - Ruijie Reyee OS Exposure of Private Personal Information to an Unauthorized Actor

Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a a feature that could enable sub accounts or attackers to view and exfiltrate sensitive information from all cloud accounts registered to Ruijie's services

πŸ“… Published: Dec. 6, 2024, 6:05 p.m. πŸ”„ Last Modified: Dec. 10, 2024, 6:38 p.m.
Total resulsts: 349182
Page 7594 of 34,919
Β« previous page Β» next page
Filters