CVE-2024-57426

CVE-2024-57426

Título es
CVE-2024-57426

Jue, 06/02/2025 – 20:15

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2024-57426

Descripción en
NetMod VPN Client 5.3.1 is vulnerable to DLL injection, allowing an attacker to execute arbitrary code by placing a malicious DLL in a directory where the application loads dependencies. This vulnerability arises due to the improper validation of dynamically loaded libraries.

06/02/2025
06/02/2025
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
Pendiente de análisis

Referencias

  • https://github.com/iamsinghmanish/My-CVEs/tree/main/CVE-2024-57426

  • https://sourceforge.net/projects/netmodhttp/

    • Enviar en el boletín
    Off

    CVE-2024-52892

    CVE-2024-52892

    Título es
    CVE-2024-52892

    Jue, 06/02/2025 – 20:15

    Tipo
    CWE-79

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-52892

    Descripción en
    IBM Jazz for Service Management 1.1.3 through 1.1.3.23 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

    06/02/2025
    06/02/2025
    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    6.10

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://www.ibm.com/support/pages/node/7182508

    • Enviar en el boletín
    Off

    CVE-2024-47258

    CVE-2024-47258

    Título es
    CVE-2024-47258

    Jue, 06/02/2025 – 20:15

    Tipo
    CWE-300

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-47258

    Descripción en
    2N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle attack due to not verifying certificates of 2N edge devices.

    06/02/2025
    06/02/2025
    Vector CVSS:3.1
    CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    8.10

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    HIGH

    Referencias

  • https://www.2n.com/en-GB/download/cve_2024_47258_acom_3_3_v1pdf

    • Enviar en el boletín
    Off

    CVE-2024-47256

    CVE-2024-47256

    Título es
    CVE-2024-47256

    Jue, 06/02/2025 – 20:15

    Tipo
    CWE-321

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-47256

    Descripción en
    Successful exploitation of this vulnerability could allow an attacker (who needs to have Admin access privileges) to read hardcoded AES passphrase, which may be used for decryption of certain data within backup files of 2N Access Commander version 1.14 and older.

    06/02/2025
    06/02/2025
    Vector CVSS:3.1
    CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

    Gravedad 3.1 (CVSS 3.1 Base Score)
    6.00

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://www.2n.com/en-GB/download/cve_2024_47256_acom_3_3_v1pdf

    • Enviar en el boletín
    Off

    CVE-2024-13417

    CVE-2024-13417

    Título es
    CVE-2024-13417

    Jue, 06/02/2025 – 20:15

    Tipo
    CWE-248

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-13417

    Descripción en
    Specifically crafted payloads sent to the RFID reader could cause DoS of RFID reader. After the device is restarted, it gets back to fully working state.

    06/02/2025
    06/02/2025
    Vector CVSS:3.1
    CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

    Gravedad 3.1 (CVSS 3.1 Base Score)
    4.60

    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    MEDIUM

    Referencias

  • https://www.2n.com/en-GB/download/cve_2024_1341x_2nos_2_46_v1pdf

    • Enviar en el boletín
    Off

    CVE-2025-23093

    CVE-2025-23093

    Título es
    CVE-2025-23093

    Jue, 06/02/2025 – 20:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-23093

    Descripción en
    The Platform component of Mitel OpenScape 4000 and OpenScape 4000 Manager through V10 R1.54.1 and V11 through R0.22.1 could allow an authenticated attacker to conduct a privilege escalation attack due to the execution of a resource with unnecessary privileges. A successful exploit could allow an attacker to execute arbitrary commands with elevated privileges.

    06/02/2025
    06/02/2025
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0001

    • Enviar en el boletín
    Off

    CVE-2025-22936

    CVE-2025-22936

    Título es
    CVE-2025-22936

    Jue, 06/02/2025 – 20:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-22936

    Descripción en
    An issue in Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router SAM-4G1G-TT-W-VC, SAM-4F1F-TT-W-A1 allows a remote attacker to obtain sensitive information via the Weak default WiFi password generation algorithm in WiFi routers.

    06/02/2025
    06/02/2025
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • home



  • https://sec.stanev.org/advisories/Smartcom_default_WPA_password.txt

    • Enviar en el boletín
    Off

    CVE-2024-57673

    CVE-2024-57673

    Título es
    CVE-2024-57673

    Jue, 06/02/2025 – 20:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-57673

    Descripción en
    An issue in floodlight v1.2 allows a local attacker to cause a denial of service via the Topology Manager module and Linkdiscovery module

    06/02/2025
    06/02/2025
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://github.com/floodlight/floodlight/issues/872

    • Enviar en el boletín
    Off

    CVE-2024-57672

    CVE-2024-57672

    Título es
    CVE-2024-57672

    Jue, 06/02/2025 – 20:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2024-57672

    Descripción en
    An issue in floodlight v1.2 allows a local attacker to cause a denial of service via the Topology Manager module, Topologylnstance module, Routing module.

    06/02/2025
    06/02/2025
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://github.com/floodlight/floodlight/issues/871

    • Enviar en el boletín
    Off

    CVE-2025-22992

    CVE-2025-22992

    Título es
    CVE-2025-22992

    Jue, 06/02/2025 – 19:15

    Gravedad 2.0 Txt
    Pendiente de análisis

    Título en

    CVE-2025-22992

    Descripción en
    A SQL Injection vulnerability exists in the /feed/insert.json endpoint of the Emoncms project >= 11.6.9. The vulnerability is caused by improper handling of user-supplied input in the data query parameter, allowing attackers to execute arbitrary SQL commands under specific conditions.

    06/02/2025
    06/02/2025
    Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
    Pendiente de análisis

    Referencias

  • https://github.com/emoncms/emoncms/issues/1916

    • Enviar en el boletín
    Off