0.0

CVE-2024-8506 -

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

📅 Published: Sept. 5, 2024, 11:30 p.m. 🔄 Last Modified: Jan. 16, 2026, 11:15 p.m.

6.1

CVSS3.1

CVE-2024-45400 - CKEditor Open Link plugin vulnerable to Cross-site Scripting

ckeditor-plugin-openlink is a plugin for the CKEditor JavaScript text editor that extends the context menu with a possibility to open a link in a new tab. A vulnerability in versions of the plugin prior to 1.0.7 allowed a user to execute JavaScript code by abusing the link href attribute. The fix i…

📅 Published: Sept. 5, 2024, 11:23 p.m. 🔄 Last Modified: Sept. 19, 2024, 6:04 p.m.

7.1

CVSS4.0

CVE-2024-42495 - Hughes Network Systems WL3000 Missing Encryption of Sensitive Data

Credentials to access device configuration were transmitted using an unencrypted protocol. These credentials would allow read-only access to network configuration information and terminal configuration data.

📅 Published: Sept. 5, 2024, 10:41 p.m. 🔄 Last Modified: Oct. 4, 2024, 2:37 p.m.

4.1

CVSS4.0

CVE-2024-39278 - Hughes Network Systems Insufficiently Protected Credentials

Credentials to access device configuration information stored unencrypted in flash memory. These credentials would allow read-only access to network configuration information and terminal configuration data.

📅 Published: Sept. 5, 2024, 10:39 p.m. 🔄 Last Modified: Oct. 4, 2024, 2:36 p.m.

0.0