Aggregator

Submit #433513 / VDB-282629

Submit #433510 / VDB-282628

Submit #433509 / VDB-282627

Submit #433500 / VDB-282626

A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. Affected by this vulnerability is the function delSystemEncryptPolicy of the file /com/esafenet/servlet/system/SystemEncryptPolicyService.java. The manipulation of the argument id leads to sql injection. This vulnerability is known as CVE-2024-10613. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. Affected is the function removeHookInvalidCourse of the file /com/esafenet/servlet/system/HookInvalidCourseService.java. The manipulation of the argument id leads to sql injection. This vulnerability is traded as CVE-2024-10612. It is possible to launch the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in ESAFENET CDG 5 and classified as critical. This issue affects the function delProtocol of the file /com/esafenet/servlet/system/PrintScreenListService.java. The manipulation of the argument id leads to sql injection. The identification of this vulnerability is CVE-2024-10611. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability has been found in ESAFENET CDG 5 and classified as critical. This vulnerability affects the function delProtocol of the file /com/esafenet/servlet/system/ProtocolService.java. The manipulation of the argument id leads to sql injection. This vulnerability was named CVE-2024-10610. The attack can be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Новые версии плагина стали ловушкой для пользователей.

A vulnerability, which was classified as critical, was found in itsourcecode Tailoring Management System Project 1.0. This affects an unknown part of the file typeadd.php. The manipulation of the argument sex leads to sql injection. This vulnerability is uniquely identified as CVE-2024-10609. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Met een Koninklijk Besluit werd op deze dag, 80 jaar geleden, de Marine Vrouwen Afdeling (Marva) opgericht. Reden voor de zeemacht om stil te staan bij dit bijzondere jubileum. Dat gebeurde met de presentatie van het boek ’80 jaar vrouwen bij de Koninklijke Marine’. Ook werd er een gelijknamige expositie geopend. 

A Threat Actor Allegedly Leaked Data of Topitop

A vulnerability, which was classified as critical, has been found in DrayTek Vigor 3900 1.5.1.3. Affected by this issue is the function acme_process of the file mainfunction.cgi. The manipulation leads to command injection. This vulnerability is handled as CVE-2024-51260. The attack may be launched remotely. There is no exploit available.

Submit #431329 / VDB-282625

Submit #431328 / VDB-282624

Submit #431327 / VDB-282623

A vulnerability classified as critical was found in DrayTek Vigor 3900 1.5.1.3. Affected by this vulnerability is the function ruequest_certificate of the file mainfunction.cgi. The manipulation leads to command injection. This vulnerability is known as CVE-2024-51255. The attack can be launched remotely. There is no exploit available.

Submit #431326 / VDB-282622

A vulnerability classified as critical has been found in HashiCorp Vault and Vault Enterprise up to 1.18.0. Affected is an unknown function of the component API Endpoint. The manipulation leads to not failing securely. This vulnerability is traded as CVE-2024-8185. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.