5.9

CVSS3.1

CVE-2024-41909 - Apache MINA SSHD: integrity check bypass

Like many other SSH implementations, Apache MINA SSHD suffered from the issue that is more widely known as CVE-2023-48795. An attacker that can intercept traffic between client and server could drop certain packets from the stream, potentially causing client and server to consequently end up with a…

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: March 27, 2025, 4:15 p.m.

9.8

CVSS3.1

CVE-2024-42546 -

TOTOLINK A3100R V4.1.2cu.5050_B20200504 has a buffer overflow vulnerability in the password parameter in the loginauth function.

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: Aug. 15, 2024, 4:35 p.m.

9.8

CVSS3.1

CVE-2024-42520 -

TOTOLINK A3002R v4.0.0-B20230531.1404 contains a buffer overflow vulnerability in /bin/boa via formParentControl.

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: Aug. 13, 2024, 3:35 p.m.

8.2

CVSS3.1

CVE-2024-36877 -

Micro-Star International Z-series motherboards (Z590, Z490, and Z790) and B-series motherboards (B760, B560, B660, and B460) with firmware 7D25v14, 7D25v17 to 7D25v19, and 7D25v1A to 7D25v1H was discovered to contain a write-what-where condition in the in the SW handler for SMI 0xE3. Motherboard's …

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.4

CVSS3.1

CVE-2024-33536 -

An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. The vulnerability occurs due to inadequate input validation of the res parameter, allowing an authenticated attacker to inject and execute arbitrary JavaScript code within the context of another user's browser session. By uploading…

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: March 25, 2025, 5:15 p.m.

7.8

CVSS3.1

CVE-2024-27442 -

An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. The zmmailboxdmgr binary, a component of ZCS, is intended to be executed by the zimbra user with root privileges for specific mailbox operations. However, an attacker can escalate privileges from the zimbra user to root, because of…

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: Aug. 13, 2024, 5:30 p.m.

8.8

CVSS3.1

CVE-2024-42742 -

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUrlFilterRules. Authenticated Attackers can send malicious packet to execute arbitrary commands.

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: Aug. 13, 2024, 8:35 p.m.

7.8

CVSS3.1

CVE-2024-42741 -

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setL2tpServerCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: Aug. 13, 2024, 5:35 p.m.

5.4

CVSS3.1

CVE-2024-42629 -

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/edit/10.

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: Aug. 13, 2024, 5:02 p.m.

8.8

CVSS3.1

CVE-2024-42627 -

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/delete/3.

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: Aug. 13, 2024, 7:35 p.m.
Total resulsts: 347752
Page 8756 of 34,776
Β« previous page Β» next page
Filters