7.2

CVSS3.1

CVE-2024-50361 -

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). The source of the vulnerability relie…

πŸ“… Published: Nov. 26, 2024, 10:53 a.m. πŸ”„ Last Modified: Jan. 23, 2026, 7:40 p.m.

7.2

CVSS3.1

CVE-2024-50360 -

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). The source of the vulnerability relie…

πŸ“… Published: Nov. 26, 2024, 10:53 a.m. πŸ”„ Last Modified: Jan. 23, 2026, 7:41 p.m.

7.2

CVSS3.1

CVE-2024-50359 -

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). The source of the vulnerability relie…

πŸ“… Published: Nov. 26, 2024, 10:53 a.m. πŸ”„ Last Modified: Jan. 23, 2026, 7:41 p.m.

7.2

CVSS3.1

CVE-2024-50358 -

A CWE-15 "External Control of System or Configuration Setting" was discovered affecting the following devices manufactured by Advantech: EKI-6333AC-2G (<= 1.6.3), EKI-6333AC-2GD (<= v1.6.3) and EKI-6333AC-1GPO (<= v1.2.1). The vulnerability can be exploited by authenticated users by restoring a tam…

πŸ“… Published: Nov. 26, 2024, 10:51 a.m. πŸ”„ Last Modified: Jan. 23, 2026, 7:42 p.m.

9.8

CVSS3.1

CVE-2024-11680 - ProjectSend Unauthenticated Configuration Modification

ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. Remote, unauthenticated attackers can exploit this flaw by sending crafted HTTP requests to options.php, enabling unauthorized modification of the application's configuration. Successful exploitation allow…

πŸ“… Published: Nov. 26, 2024, 9:55 a.m. πŸ”„ Last Modified: Nov. 22, 2025, 12:24 p.m.

6.1

CVSS3.1

CVE-2024-11032 - Parsi Date <= 5.1.1 - Reflected Cross-Site Scripting via add_query_arg Parameter

The Parsi Date plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 5.1.1. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that…

πŸ“… Published: Nov. 26, 2024, 9:32 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.8

CVSS3.1

CVE-2018-11952 - Improper Authentication in TrustZone

An image with a version lower than the fuse version may potentially be booted lead to improper authentication.

πŸ“… Published: Nov. 26, 2024, 8:55 a.m. πŸ”„ Last Modified: Jan. 9, 2025, 8:39 p.m.

7.5

CVSS3.1

CVE-2018-11922 - Configurations in Android Build

Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.

πŸ“… Published: Nov. 26, 2024, 8:55 a.m. πŸ”„ Last Modified: Jan. 9, 2025, 8:43 p.m.

6.8

CVSS3.1

CVE-2017-18153 - Use After Free in WLAN

A race condition exists in a driver potentially leading to a use-after-free condition.

πŸ“… Published: Nov. 26, 2024, 8:55 a.m. πŸ”„ Last Modified: Jan. 9, 2025, 8:50 p.m.

8.8

CVSS3.1

CVE-2017-17772 - Multiple buffer overread vulnerabilities in WLAN

In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation.

πŸ“… Published: Nov. 26, 2024, 8:55 a.m. πŸ”„ Last Modified: Jan. 9, 2025, 9:01 p.m.
Total resulsts: 349182
Page 7701 of 34,919
Β« previous page Β» next page
Filters