Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-37661 | 2024-07-03 | N/A | 6.3 MEDIUM | ||
| TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect messages. | |||||
| CVE-2024-26131 | 2024-02-29 | N/A | 8.4 HIGH | ||
| Element Android is an Android Matrix Client. Element Android version 1.4.3 through 1.6.10 is vulnerable to intent redirection, allowing a third-party malicious application to start any internal activity by passing some extra parameters. Possible impact includes making Element Android display an arbitrary web page, executing arbitrary JavaScript; bypassing PIN code protection; and account takeover by spawning a login screen to send credentials to an arbitrary home server. This issue is fixed in Element Android 1.6.12. There is no known workaround to mitigate the issue. | |||||
| CVE-2024-0009 | 2024-02-15 | N/A | 6.3 MEDIUM | ||
| An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks PAN-OS software enables a malicious user with stolen credentials to establish a VPN connection from an unauthorized IP address. | |||||
| CVE-2023-51440 | 2024-02-13 | N/A | 7.5 HIGH | ||
| A vulnerability has been identified in SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) (All versions), SIMATIC CP 343-1 Lean (6GK7343-1CX10-0XE0) (All versions), SIPLUS NET CP 343-1 (6AG1343-1EX30-7XE0) (All versions), SIPLUS NET CP 343-1 Lean (6AG1343-1CX10-2XE0) (All versions). Affected products incorrectly validate TCP sequence numbers. This could allow an unauthenticated remote attacker to create a denial of service condition by injecting spoofed TCP RST packets. | |||||
| CVE-2022-4800 | 1 Usememos | 1 Memos | 2023-01-05 | N/A | 6.5 MEDIUM |
| Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1. | |||||
| CVE-2022-4848 | 1 Usememos | 1 Memos | 2023-01-05 | N/A | 5.7 MEDIUM |
| Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1. | |||||
| CVE-2021-41038 | 1 Eclipse | 1 Theia | 2021-11-13 | 4.3 MEDIUM | 6.1 MEDIUM |
| In versions of the @theia/plugin-ext component of Eclipse Theia prior to 1.18.0, Webview contents can be hijacked via postMessage(). | |||||