U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
There are 229,280 matching records.
Displaying matches 81 through 100.
Vuln ID Summary CVSS Severity
CVE-2024-3040

A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. This affects an unknown part of the file /admin/list_crl_conf. The manipulation of the argument CRLId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258429 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Published: March 28, 2024; 11:15:48 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-3039

A vulnerability classified as critical has been found in Shanghai Brad Technology BladeX 3.4.0. Affected is an unknown function of the file /api/blade-user/export-user of the component API. The manipulation with the input updatexml(1,concat(0x3f,md5(123456),0x3f),1)=1 leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-258426 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Published: March 28, 2024; 11:15:48 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-31140

In JetBrains TeamCity before 2024.03 server administrators could remove arbitrary files from the server by installing tools

Published: March 28, 2024; 11:15:48 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-31139

In JetBrains TeamCity before 2024.03 xXE was possible in the Maven build steps detector

Published: March 28, 2024; 11:15:48 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-31138

In JetBrains TeamCity before 2024.03 xSS was possible via Agent Distribution settings

Published: March 28, 2024; 11:15:47 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-31137

In JetBrains TeamCity before 2024.03 reflected XSS was possible via Space connection configuration

Published: March 28, 2024; 11:15:47 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-31136

In JetBrains TeamCity before 2024.03 2FA could be bypassed by providing a special URL parameter

Published: March 28, 2024; 11:15:47 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-31135

In JetBrains TeamCity before 2024.03 open redirect was possible on the login page

Published: March 28, 2024; 11:15:47 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-31134

In JetBrains TeamCity before 2024.03 authenticated users without administrative permissions could register other users when self-registration was disabled

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30612

Tenda AC10U v15.03.06.48 has a stack overflow vulnerability in the deviceId, limitSpeed, limitSpeedUp parameter from formSetClientState function.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30604

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the list1 parameter of the fromDhcpListClient function.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30603

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the urls parameter of the saveParentControlInfo function.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30602

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the schedStartTime parameter of the setSchedWifi function.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30601

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the time parameter of the saveParentControlInfo function.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30600

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the schedEndTime parameter of the setSchedWifi function.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30599

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the deviceMac parameter of the addWifiMacFilter function.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30598

Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability in the security_5g parameter of the formWifiBasicSet function.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30597

Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability in the security parameter of the formWifiBasicSet function.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-0259

Fortra's Robot Schedule Enterprise Agent for Windows prior to version 3.04 is susceptible to privilege escalation. A low-privileged user can overwrite the service executable. When the service is restarted, the replaced binary runs with local system privileges, allowing a low-privileged user to gain elevated privileges.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-45715

The console may experience a service interruption when processing file names with invalid characters.

Published: March 28, 2024; 11:15:45 AM -0400
V3.x:(not available)
V2.0:(not available)