4.4
CVE-2023-20093 - Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Overwrite Vulnerability
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. These vulnerabilities are due to improper access controls on files that are on the local file system. An β¦
4.3
CVE-2023-20094 - Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability
A vulnerability in Cisco TelePresence CE and RoomOS could allow an unauthenticated, adjacent attacker to view sensitive information on an affected device. This vulnerability exists because the affected software performs improper bounds checks. An attacker could exploit this vulnerability by sendβ¦
6.3
CVE-2024-52555 -
In JetBrains WebStorm before 2024.3 code execution in Untrusted Project mode was possible via type definitions installer script
6.9
CVE-2024-11243 - code-projects Online Shop Store signup.php cross site scripting
A vulnerability classified as problematic has been found in code-projects Online Shop Store 1.0. This affects an unknown part of the file /signup.php. The manipulation of the argument m2 with the input <svg%20onload=alert(document.cookie)> leads to cross site scripting. It is possible to initiate tβ¦
8.6
CVE-2023-20125 - Cisco BroadWorks Network Server TCP Denial of Service Vulnerability
A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an unauthenticated, remote attacker to exhaust system resources, causing a denial of service (DoS) condition. This vulnerability exists because rate limiting does not occur for certain incoming TCP connections.β¦
9.1
CVE-2023-20154 - Cisco Modeling Labs External Authentication Bypass Vulnerability
A vulnerability in the external authentication mechanism of Cisco Modeling Labs could allow an unauthenticated, remote attacker to access the web interface with administrative privileges. This vulnerability is due to the improper handling of certain messages that are returned by the associated eβ¦
5.3
CVE-2024-20373 - Cisco IOS and Cisco IOS XE SNMP Extended ACL Bypass Vulnerability
A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) IPv4 access control list (ACL) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deβ¦
5.9
CVE-2024-43189 - IBM Concert Software information disclosure
IBM Concert Software 1.0.0 through 1.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
6.1
CVE-2024-41785 - IBM Concert cross-site scripting
IBM Concert Software 1.0.0 through 1.0.1 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
5.1
CVE-2024-11242 - ZZCMS Keyword Filtering ad_list.php sql injection
A vulnerability was found in ZZCMS 2023. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ad_list.php?action=pass of the component Keyword Filtering. The manipulation of the argument keyword leads to sql injection. The attack may be launched remβ¦