Skip to main content
CVE-2024-34218 LOW POC THREAT Monitor

TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Cp450 Firmware
NVD GitHub
CVSS 3.1
3.8
EPSS
17.6%
CVE-2024-34203 LOW POC Monitor

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the setLanguageCfg function. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Cp450 Firmware
NVD GitHub
CVSS 3.1
3.8
EPSS
0.6%
CVE-2024-34079 LOW PATCH Monitor

octo-sts is a GitHub App that acts like a Security Token Service (STS) for the Github API. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service
NVD GitHub
CVSS 3.1
3.7
EPSS
0.6%
CVE-2024-34713 LOW PATCH Monitor

sshproxy is used on a gateway to transparently proxy a user SSH connection on the gateway to an internal host via SSH. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection
NVD GitHub
CVSS 3.1
3.5
EPSS
0.4%
CVE-2024-33007 LOW Monitor

PDFViewer is a control delivered as part of SAPUI5 product which shows the PDF content in an embedded mode by default. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
3.5
EPSS
0.3%
CVE-2024-33000 LOW Monitor

SAP Bank Account Management does not perform necessary authorization check for an authorized user, resulting in escalation of privileges. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP
NVD
CVSS 3.1
3.5
EPSS
0.3%
CVE-2024-27839 LOW Monitor

A privacy issue was addressed by moving sensitive data to a more secure location. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os
NVD VulDB
CVSS 3.1
3.3
EPSS
0.1%
CVE-2024-27837 LOW Monitor

A downgrade issue was addressed with additional code-signing restrictions. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD VulDB
CVSS 3.1
3.3
EPSS
0.1%
CVE-2024-22343 LOW Monitor

IBM TXSeries for Multiplatforms 8.2 allows web pages to be stored locally which can be read by another user on the system. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Txseries For Multiplatform
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-27835 LOW Monitor

This issue was addressed through improved state management. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados Iphone Os
NVD VulDB
CVSS 3.1
2.4
EPSS
0.1%
CVE-2024-27803 LOW Monitor

A permissions issue was addressed with improved validation. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Authentication Bypass Ipados Iphone Os
NVD VulDB
CVSS 3.1
2.4
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy