6.1
CVE-2024-20496 - Cisco SD-WAN vEdge Routers Denial of Service Vulnerability
A vulnerability in the UDP packet validation code of Cisco SD-WAN vEdge Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to incorrect handling of a specific type of malformed UDP packet. An atβ¦
6.4
CVE-2024-20475 - Cisco SD-WAN vManage Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based manβ¦
5.8
CVE-2024-20508 - Cisco UTD Snort IPS Engine Software for Cisco IOS XE Software Security Policy Bypass and Denial of β¦
A vulnerability in Cisco Unified Threat Defense (UTD) Snort Intrusion Prevention System (IPS) Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured security policies or cause a denial of service (DoS) condition on an affected device. This vulnerabiβ¦
7.5
CVE-2024-20350 - Cisco Catalyst Center Static SSH Host Key Vulnerability
A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerabilitβ¦
8.6
CVE-2024-20455 -
A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exβ¦
8.1
CVE-2024-47078 - Meshtastic firmware Authentication/Authorization Bypass via MQTT
Meshtastic is an open source, off-grid, decentralized, mesh network. Meshtastic uses MQTT to communicate over an internet connection to a shared or private MQTT Server. Nodes can communicate directly via an internet connection or proxied through a connected phone (i.e., via bluetooth). Prior to verβ¦
5.5
CVE-2024-7421 -
An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included in command-line arguments when launching WinSCP sessions
5.3
CVE-2024-43237 - WordPress Tag Groups plugin <= 2.0.3 - Sensitive Data Exposure vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Steve Burge WordPress Tag Cloud Plugin β Tag Groups tag-groups.This issue affects WordPress Tag Cloud Plugin β Tag Groups: from n/a through <= 2.0.3.
5.3
CVE-2024-43990 - WordPress Masterstudy LMS Starter theme <= 1.1.8 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information into Log File vulnerability in StylemixThemes Masterstudy LMS Starter.This issue affects Masterstudy LMS Starter: from n/a through 1.1.8.
7.1
CVE-2024-43959 - WordPress Super Testimonials plugin <= 4.0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Testimonials super-testimonial allows Reflected XSS.This issue affects Testimonials: from n/a through <= 4.0.1.