U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
There are 229,239 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2024-3039

A vulnerability classified as critical has been found in Shanghai Brad Technology BladeX 3.4.0. Affected is an unknown function of the file /api/blade-user/export-user of the component API. The manipulation with the input updatexml(1,concat(0x3f,md5(123456),0x3f),1)=1 leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-258426 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Published: March 28, 2024; 11:15:48 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-31140

In JetBrains TeamCity before 2024.03 server administrators could remove arbitrary files from the server by installing tools

Published: March 28, 2024; 11:15:48 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-31139

In JetBrains TeamCity before 2024.03 xXE was possible in the Maven build steps detector

Published: March 28, 2024; 11:15:48 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-31138

In JetBrains TeamCity before 2024.03 xSS was possible via Agent Distribution settings

Published: March 28, 2024; 11:15:47 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-31137

In JetBrains TeamCity before 2024.03 reflected XSS was possible via Space connection configuration

Published: March 28, 2024; 11:15:47 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-31136

In JetBrains TeamCity before 2024.03 2FA could be bypassed by providing a special URL parameter

Published: March 28, 2024; 11:15:47 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-31135

In JetBrains TeamCity before 2024.03 open redirect was possible on the login page

Published: March 28, 2024; 11:15:47 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-31134

In JetBrains TeamCity before 2024.03 authenticated users without administrative permissions could register other users when self-registration was disabled

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30612

Tenda AC10U v15.03.06.48 has a stack overflow vulnerability in the deviceId, limitSpeed, limitSpeedUp parameter from formSetClientState function.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30604

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the list1 parameter of the fromDhcpListClient function.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30603

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the urls parameter of the saveParentControlInfo function.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30602

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the schedStartTime parameter of the setSchedWifi function.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30601

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the time parameter of the saveParentControlInfo function.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30600

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the schedEndTime parameter of the setSchedWifi function.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30599

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the deviceMac parameter of the addWifiMacFilter function.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30598

Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability in the security_5g parameter of the formWifiBasicSet function.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30597

Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability in the security parameter of the formWifiBasicSet function.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-0259

Fortra's Robot Schedule Enterprise Agent for Windows prior to version 3.04 is susceptible to privilege escalation. A low-privileged user can overwrite the service executable. When the service is restarted, the replaced binary runs with local system privileges, allowing a low-privileged user to gain elevated privileges.

Published: March 28, 2024; 11:15:46 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-45715

The console may experience a service interruption when processing file names with invalid characters.

Published: March 28, 2024; 11:15:45 AM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-45706

An administrative user of WebReports may perform a Cross Site Scripting (XSS) and/or Man in the Middle (MITM) exploit through SAML configuration.

Published: March 28, 2024; 11:15:45 AM -0400
V3.x:(not available)
V2.0:(not available)