Filtered by NVD-CWE-noinfo
Filtered by vendor Subscriptions
Total 30220 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-41332 2 Oretnom23, Sourcecodester 2 Computer Laboratory Management System, Computer Laboratory Management System 2024-08-21 6.5 Medium
Incorrect access control in the delete_category function of Sourcecodester Computer Laboratory Management System v1.0 allows authenticated attackers with low-level privileges to arbitrarily delete categories.
CVE-2024-7842 2 Sourcecodester, Tamparongj 03 2 Online Graduate Tracer System, Online Graduate Tracer System 2024-08-21 5.3 Medium
A vulnerability, which was classified as problematic, has been found in SourceCodester Online Graduate Tracer System 1.0. This issue affects some unknown processing of the file /tracking/admin/export_it.php. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-7843 2 Sourcecodester, Tamparongj 03 2 Online Graduate Tracer System, Online Graduate Tracer System 2024-08-21 5.3 Medium
A vulnerability, which was classified as problematic, was found in SourceCodester Online Graduate Tracer System 1.0. Affected is an unknown function of the file /tracking/admin/exportcs.php. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-42006 1 Keyfactor 1 Aws Orchestrator 2024-08-21 7.5 High
Keyfactor AWS Orchestrator through 2.0 allows Information Disclosure.
CVE-2024-44076 1 Microcks 1 Microcks 2024-08-21 9.8 Critical
In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access.
CVE-2024-41723 1 F5 21 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Advanced Web Application Firewall and 18 more 2024-08-20 4.3 Medium
Undisclosed requests to BIG-IP iControl REST can lead to information leak of user account names.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2024-22069 1 Zte 4 Zxv10 Et301, Zxv10 Et301 Firmware, Zxv10 Xt802 and 1 more 2024-08-20 7.1 High
There is a permission and access control vulnerability of ZTE's ZXV10 XT802/ET301 product.Attackers with common permissions can log in the terminal web and change the password of the administrator illegally by intercepting requests to change the passwords.
CVE-2024-42032 1 Huawei 2 Emui, Harmonyos 2024-08-20 4.4 Medium
Access permission verification vulnerability in the Contacts module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-42031 1 Huawei 2 Emui, Harmonyos 2024-08-20 7.5 High
Access permission verification vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-42030 1 Huawei 2 Emui, Harmonyos 2024-08-20 6.2 Medium
Access permission verification vulnerability in the content sharing pop-up module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-32928 2 Google, Haxx 3 Nest Mini, Nest Mini Firmware, Libcurl 2024-08-20 5.9 Medium
The libcurl CURLOPT_SSL_VERIFYPEER option was disabled on a subset of requests made by Nest production devices which enabled a potential man-in-the-middle attack on requests to Google cloud services by any host the traffic was routed through.
CVE-2024-42658 1 Nepstech 2 Ntpl-xpon1gfevn, Ntpl-xpon1gfevn Firmware 2024-08-20 8.8 High
An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the cookie's parameter
CVE-2023-24062 1 Dieboldnixdorf 1 Vynamic Security Suite 2024-08-19 6.8 Medium
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR12, 4.0.0 SR04, 4.1.0 SR02, and 4.2.0 SR01 fails to validate the directory structure of the root file system during the Pre-Boot Authorization (PBA) process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk.
CVE-2023-24064 1 Dieboldnixdorf 1 Vynamic Security Suite 2024-08-19 6.8 Medium
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR4 fails to validate /etc/initab during the Pre-Boot Authorization (PBA) process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk.
CVE-2024-6359 1 Opentext 1 Arcsight Intelligence 2024-08-19 6.4 Medium
Privilege escalation vulnerability identified in OpenText ArcSight Intelligence.
CVE-2024-7799 2 Oretnom23, Sourcecodester 2 Simple Online Bidding System, Simple Online Bidding System 2024-08-19 5.3 Medium
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /simple-online-bidding-system/bidding/admin/users.php. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-39778 1 F5 22 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Advanced Web Application Firewall and 19 more 2024-08-19 7.5 High
When a stateless virtual server is configured on BIG-IP system with a High-Speed Bridge (HSB), undisclosed requests can cause TMM to terminate.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2024-39949 1 Dahuasecurity 115 Nvr4104-4ks2\/l, Nvr4104-4ks2\/l Firmware, Nvr4104-4ks3 and 112 more 2024-08-19 7.5 High
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.
CVE-2024-39948 1 Dahuasecurity 115 Nvr4104-4ks2\/l, Nvr4104-4ks2\/l Firmware, Nvr4104-4ks3 and 112 more 2024-08-19 7.5 High
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.
CVE-2024-39945 1 Dahuasecurity 112 Nvr4104-4ks2\/l, Nvr4104-4ks2\/l Firmware, Nvr4104-4ks3 and 109 more 2024-08-19 4.9 Medium
A vulnerability has been found in Dahua products.  After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash.