5.3
CVE-2024-7443 - Vivotek IB8367A upload_file.cgi getenv command injection
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in Vivotek IB8367A VVTK-0100b. Affected is the function getenv of the file upload_file.cgi. The manipulation of the argument QUERY_STRING leads to command injection. It is possible to launch the attack remotely. Tβ¦
5.3
CVE-2024-7442 - Vivotek SD9364 upload_file.cgi getenv command injection
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has been rated as critical. This issue affects the function getenv of the file upload_file.cgi. The manipulation of the argument QUERY_STRING leads to command injection. The attack may be initiated remotely. β¦
8.7
CVE-2024-7441 - Vivotek SD9364 httpd read stack-based overflow
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has been declared as critical. This vulnerability affects the function read of the component httpd. The manipulation of the argument Content-Length leads to stack-based buffer overflow. The attack can be initβ¦
5.3
CVE-2024-7440 - Vivotek CC8160 upload_file.cgi getenv command injection
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d. It has been classified as critical. This affects the function getenv of the file upload_file.cgi. The manipulation of the argument QUERY_STRING leads to command injection. It is possible to initiate the attack rβ¦
8.7
CVE-2024-7439 - Vivotek CC8160 httpd read stack-based overflow
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d and classified as critical. Affected by this issue is the function read of the component httpd. The manipulation of the argument Content-Length leads to stack-based buffer overflow. The attack may be launched remβ¦
5.3
CVE-2024-7438 - SimpleMachines SMF User Alert Read Status index.php resource injection
A vulnerability has been found in SimpleMachines SMF 2.1.4 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php?action=profile;u=2;area=showalerts;do=read of the component User Alert Read Status Handler. The manipulation of the argument aiβ¦
5.7
CVE-2024-37286 - APM Server Insertion of Sensitive Information into Log File
APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailable_shards_exception for a specific document, since the ES response line contains the document body, and that APM server logs the ES response line on error, the document is effectively β¦
5.3
CVE-2024-7437 - SimpleMachines SMF Delete User index.php resource injection
A vulnerability, which was classified as critical, was found in SimpleMachines SMF 2.1.4. Affected is an unknown function of the file /index.php?action=profile;u=2;area=showalerts;do=remove of the component Delete User Handler. The manipulation of the argument aid leads to improper control of resouβ¦
5.3
CVE-2024-7436 - D-Link DI-8100 msp_info.htm msp_info_htm command injection
A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07. This issue affects the function msp_info_htm of the file msp_info.htm. The manipulation of the argument cmd leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to β¦
5.3
CVE-2024-38321 - IBM Business Automation Workflow information disclosure
IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive information in log files under certain situations that could be read by an authenticated user. IBM X-Force ID: 284868.