7.1

CVSS4.0

CVE-2024-48846 - Cross Side Request Forgery, CSRF

Cross Site Request Forgery vulnerabilities where found providing a potiential for exposing sensitive information or changing system settings.ย  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

๐Ÿ“… Published: Dec. 5, 2024, 12:43 p.m. ๐Ÿ”„ Last Modified: Dec. 5, 2024, 6:48 p.m.

9.3

CVSS4.0

CVE-2024-48845 - Weak Password Rules/Strength

Weak Password Reset Rules vulnerabilities where found providing a potiential for the storage of weak passwords that could facilitate unauthorized admin/application access.ย  Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02

๐Ÿ“… Published: Dec. 5, 2024, 12:42 p.m. ๐Ÿ”„ Last Modified: Dec. 5, 2024, 6:49 p.m.

7.2

CVSS4.0

CVE-2024-48844 - Denial of Service, DoS

Denial of Service vulnerabilities where found providing a potiential for device service disruptions.ย  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

๐Ÿ“… Published: Dec. 5, 2024, 12:41 p.m. ๐Ÿ”„ Last Modified: Dec. 5, 2024, 6:49 p.m.

7.6

CVSS4.0

CVE-2024-48843 - Denial of Service, DoS

Denial of Service vulnerabilities where found providing a potiential for device service disruptions.ย  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

๐Ÿ“… Published: Dec. 5, 2024, 12:40 p.m. ๐Ÿ”„ Last Modified: Dec. 5, 2024, 6:49 p.m.

9.3

CVSS4.0

CVE-2024-48840 - Unauthorized Access

Unauthorized Access vulnerabilities allow Remote Code Execution.ย  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

๐Ÿ“… Published: Dec. 5, 2024, 12:38 p.m. ๐Ÿ”„ Last Modified: Dec. 5, 2024, 6:49 p.m.

9.3

CVSS4.0

CVE-2024-48839 - Remote Code Execution, RCE

Improper Input Validation vulnerability allows Remote Code Execution.ย  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

๐Ÿ“… Published: Dec. 5, 2024, 12:37 p.m. ๐Ÿ”„ Last Modified: Dec. 5, 2024, 6:49 p.m.

9.3

CVSS4.0

CVE-2024-11317 - PHP Session Fixation

Session Fixation vulnerabilities allow an attacker to fix a users session identifier before login providing an opportunity for session takeover on a product.ย  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

๐Ÿ“… Published: Dec. 5, 2024, 12:36 p.m. ๐Ÿ”„ Last Modified: April 10, 2025, 6:15 p.m.

5.4

CVSS4.0

CVE-2024-12094 - Information Disclosure Vulnerability in Tinxy

This vulnerability exists in the Tinxy mobile app due to storage of logged-in user information in plaintext on the device database. An attacker with physical access to the rooted device could exploit this vulnerability by accessing its database leading to unauthorized access of user information sucโ€ฆ

๐Ÿ“… Published: Dec. 5, 2024, 12:27 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.7

CVSS4.0

CVE-2024-11316 - Filesize Check

Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the product.ย  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

๐Ÿ“… Published: Dec. 5, 2024, 12:27 p.m. ๐Ÿ”„ Last Modified: April 10, 2025, 7:18 p.m.

8.7

CVSS4.0

CVE-2024-6784 - SSRF Server Side Request Forgery

Server-Side Request Forgery vulnerabilities were found providing a potential for access to unauthorized resources and unintended information disclosure.ย  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

๐Ÿ“… Published: Dec. 5, 2024, 12:25 p.m. ๐Ÿ”„ Last Modified: April 10, 2025, 6:59 p.m.
Total resulsts: 346102
Page 7308 of 34,611
ยซ previous page ยป next page
Filters