0.0
CVE-2024-45344 -
reserved but not needed
5.3
CVE-2024-8213 - D-Link DNS-1550-04 hd_config.cgi cgi_FMT_R12R5_1st_DiskMGR command injection
A vulnerability classified as critical has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. Affected is the β¦
5.3
CVE-2024-8212 - D-Link DNS-1550-04 hd_config.cgi cgi_FMT_R12R5_2nd_DiskMGR command injection
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. It has been rated as critical. This issue afβ¦
0.0
CVE-2024-8240 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.3
CVE-2024-8211 - D-Link DNS-1550-04 hd_config.cgi cgi_FMT_Std2R1_DiskMGR command injection
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. It has been declared as critical. This vulneβ¦
4.1
CVE-2024-1544 - ECDSA nonce bias caused by truncation
Generating the ECDSA nonce k samples a random number r and then truncates this randomness with a modular reduction mod n where n is the order of the elliptic curve. Meaning k = r mod n. The division used during the reduction estimates a factor q_e by dividing the upper two digits (a digit havinβ¦
5.1
CVE-2024-5814 - Unverifed Ciphersuite used on a client-side TLS1.3 Downgrade
A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello. https://doi.org/10.46586/tches.v2024.β¦
5.1
CVE-2024-5288 - Safe-error attack on TLS 1.3 Protocol
An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSL_CHECK_SIG_FAULTS is used in signing operations with private ECC keys, such as in server-side TLS connections, the connection is halted if any fault ocβ¦
6.4
CVE-2024-45037 - AWS CDK RestApi not generating authorizationScope correctly in resultant CFN template
The AWS Cloud Development Kit (CDK) is an open-source framework for defining cloud infrastructure using code. Customers use it to create their own applications which are converted to AWS CloudFormation templates during deployment to a customerβs AWS account. CDK contains pre-built components calledβ¦
10
CVE-2024-5991 - Buffer overread in domain name matching
In function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the function X509_check_host() takes in a pointer and length to check against, with no requirements that it be NULL terminated. If a caller was attempting tβ¦