CVE

CVE Alert: CVE-2024-50345

November 7, 2024

Vulnerability Summary: CVE-2024-50345 symfony/http-foundation is a module for the Symphony PHP framework which defines an object-oriented layer for the HTTP...

CVE Alert: CVE-2024-51736

November 7, 2024

Vulnerability Summary: CVE-2024-51736 Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. On Windows,...

CVE Alert: CVE-2024-51024

November 6, 2024

Vulnerability Summary: CVE-2024-51024 D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the HostName parameter in the...

CVE Alert: CVE-2024-52029

November 6, 2024

Vulnerability Summary: CVE-2024-52029 Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at genie_pptp.cgi. This...

CVE Alert: CVE-2024-52028

November 6, 2024

Vulnerability Summary: CVE-2024-52028 Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at wiz_pptp.cgi. This...

CVE Alert: CVE-2024-52030

November 6, 2024

Vulnerability Summary: CVE-2024-52030 Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at ru_wan_flow.cgi. This...

CVE Alert: CVE-2024-52026

November 6, 2024

Vulnerability Summary: CVE-2024-52026 Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via...

CVE Alert: CVE-2024-52025

November 6, 2024

Vulnerability Summary: CVE-2024-52025 Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via...

CVE Alert: CVE-2024-52022

November 6, 2024

Vulnerability Summary: CVE-2024-52022 Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a command...

CVE Alert: CVE-2023-29119

November 6, 2024

Vulnerability Summary: CVE-2023-29119 Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/dbstore.php. Affected...

CVE Alert: CVE-2024-52024

November 6, 2024

Vulnerability Summary: CVE-2024-52024 Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via...

CVE Alert: CVE-2024-52023

November 6, 2024

Vulnerability Summary: CVE-2024-52023 Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a stack overflow via...

CVE Alert: CVE-2023-29125

November 6, 2024

Vulnerability Summary: CVE-2023-29125 A heap buffer overflow could be triggered by sending a specific packet to TCP port 7700. Affected...

CVE Alert: CVE-2023-29116

November 6, 2024

Vulnerability Summary: CVE-2023-29116 Under certain conditions, through a request directed to the Waybox Enel X web management application, information like...

CVE Alert: CVE-2023-29117

November 6, 2024

Vulnerability Summary: CVE-2023-29117 Waybox Enel X web management API authentication could be bypassed and provide administrator’s privileges over the Waybox...

CVE Alert: CVE-2023-29118

November 6, 2024

Vulnerability Summary: CVE-2023-29118 Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/versions.php. Affected...

CVE Alert: CVE-2023-29126

November 6, 2024

Vulnerability Summary: CVE-2023-29126 The Waybox Enel X web management application contains a PHP-type juggling vulnerability that may allow a brute...

CVE Alert: CVE-2023-29120

November 6, 2024

Vulnerability Summary: CVE-2023-29120 Waybox Enel X web management application could be used to execute arbitrary OS commands and provide administrator’s...

CVE Alert: CVE-2024-49522

November 6, 2024

Vulnerability Summary: CVE-2024-49522 Substance3D - Painter versions 10.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result...

CVE Alert: CVE-2024-48312

November 6, 2024

Vulnerability Summary: CVE-2024-48312 WebLaudos v20.8 (118) was discovered to contain a cross-site scripting (XSS) vulnerability via the login page. Affected...

CVE Alert: CVE-2023-29121

November 6, 2024

Vulnerability Summary: CVE-2023-29121 Waybox Enel TCF Agent service could be used to get administrator’s privileges over the Waybox system. Affected...

CVE Alert: CVE-2023-29122

November 6, 2024

Vulnerability Summary: CVE-2023-29122 Under certain conditions, access to service libraries is granted to account they should not have access to....

CVE Alert: CVE-2024-51739

November 6, 2024

Vulnerability Summary: CVE-2024-51739 Combodo iTop is a simple, web based IT Service Management tool. Unauthenticated user can perform users enumeration,...

CVE Alert: CVE-2024-9579

November 6, 2024

Vulnerability Summary: CVE-2024-9579 A potential vulnerability was discovered in certain Poly video conferencing devices. The firmware flaw does not properly...

CVE

CVE Alert: CVE-2024-50345

CVE Alert: CVE-2024-51736

CVE Alert: CVE-2024-51024

CVE Alert: CVE-2024-52029

CVE Alert: CVE-2024-52028

CVE Alert: CVE-2024-52030

CVE Alert: CVE-2024-52026

CVE Alert: CVE-2024-52025

CVE Alert: CVE-2024-52022

CVE Alert: CVE-2023-29119

CVE Alert: CVE-2024-52024

CVE Alert: CVE-2024-52023

CVE Alert: CVE-2023-29125

CVE Alert: CVE-2023-29116

CVE Alert: CVE-2023-29117

CVE Alert: CVE-2023-29118

CVE Alert: CVE-2023-29126

CVE Alert: CVE-2023-29120

CVE Alert: CVE-2024-49522

CVE Alert: CVE-2024-48312

CVE Alert: CVE-2023-29121

CVE Alert: CVE-2023-29122

CVE Alert: CVE-2024-51739

CVE Alert: CVE-2024-9579

CISA: Microsoft Releases December 2024 Security Updates

CISA: Cisco Releases Security Updates for NX-OS Software

CISA: Ivanti Releases Security Updates for Multiple Products

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: ASD’s ACSC, CISA, and US and International Partners Release Guidance on Choosing Secure and Verifiable Technologies

You may have missed