Total
285 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-3764 | 2024-04-16 | 3.3 LOW | 2.7 LOW | ||
| ** DISPUTED ** A vulnerability classified as problematic has been found in Tuya SDK up to 5.0.x. Affected is an unknown function of the component MQTT Packet Handler. The manipulation leads to denial of service. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. Upgrading to version 5.1.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-260604. NOTE: The vendor explains that a malicious actor would have to crack TLS first or use a legitimate login to initiate the attack. | |||||
| CVE-2024-2995 | 2024-04-11 | 5.5 MEDIUM | 5.4 MEDIUM | ||
| A vulnerability was found in NUUO Camera up to 20240319 and classified as problematic. This issue affects some unknown processing of the file /deletefile.php. The manipulation of the argument filename leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258197 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-2363 | 2024-04-11 | 5.0 MEDIUM | 5.3 MEDIUM | ||
| ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in AOL AIM Triton 1.0.4. It has been declared as problematic. This vulnerability affects unknown code of the component Invite Handler. The manipulation of the argument CSeq leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-256318 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2024-1199 | 1 Employee Task Management System Project | 1 Employee Task Management System | 2024-04-11 | 5.5 MEDIUM | 7.5 HIGH |
| A vulnerability has been found in CodeAstro Employee Task Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file \employee-tasks-php\attendance-info.php. The manipulation of the argument aten_id leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252697 was assigned to this vulnerability. | |||||
| CVE-2024-1195 | 1 Iobit | 1 Itop Vpn | 2024-04-11 | 4.6 MEDIUM | 5.5 MEDIUM |
| A vulnerability classified as critical was found in iTop VPN up to 4.0.0.1. Affected by this vulnerability is an unknown functionality in the library ITopVpnCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The identifier VDB-252685 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-1194 | 1 Armcode | 1 Alienip | 2024-04-11 | 1.7 LOW | 5.5 MEDIUM |
| A vulnerability classified as problematic has been found in Armcode AlienIP 2.41. Affected is an unknown function of the component Locate Host Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252684. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-1193 | 1 Navicat | 1 Navicat | 2024-04-11 | 1.7 LOW | 5.5 MEDIUM |
| A vulnerability was found in Navicat 12.0.29. It has been rated as problematic. This issue affects some unknown processing of the component MySQL Conecction Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252683. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-1192 | 2024-04-11 | 1.7 LOW | 3.3 LOW | ||
| A vulnerability was found in South River WebDrive 18.00.5057. It has been declared as problematic. This vulnerability affects unknown code of the component New Secure WebDAV. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-252682 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-1191 | 2024-04-11 | 1.7 LOW | 3.3 LOW | ||
| A vulnerability was found in Hyper CdCatalog 2.3.1. It has been classified as problematic. This affects an unknown part of the component HCF File Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier VDB-252681 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-1190 | 1 Globalscape | 1 Cuteftp | 2024-04-11 | 1.7 LOW | 5.5 MEDIUM |
| A vulnerability was found in Global Scape CuteFTP 9.3.0.3 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument Host/Username/Password leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252680. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-1189 | 1 Softaculous | 1 Ampps | 2024-04-11 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability has been found in AMPPS 2.7 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Encryption Passphrase Handler. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.0 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-252679. NOTE: The vendor explains that AMPPS 4.0 is a complete overhaul and the code was re-written. | |||||
| CVE-2024-1188 | 1 Rizonesoft | 1 Notepad3 | 2024-04-11 | 1.7 LOW | 5.5 MEDIUM |
| A vulnerability, which was classified as problematic, was found in Rizone Soft Notepad3 1.0.2.350. Affected is an unknown function of the component Encryption Passphrase Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-252678 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-1187 | 1 Munsoft | 1 Easy Outlook Express Recovery | 2024-04-11 | 1.7 LOW | 5.5 MEDIUM |
| A vulnerability, which was classified as problematic, has been found in Munsoft Easy Outlook Express Recovery 2.0. This issue affects some unknown processing of the component Registration Key Handler. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-252677 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-1186 | 1 Munsoft | 1 Easy Archive Recovery | 2024-04-11 | 1.7 LOW | 5.5 MEDIUM |
| A vulnerability classified as problematic was found in Munsoft Easy Archive Recovery 2.0. This vulnerability affects unknown code of the component Registration Key Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252676. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-1185 | 1 Nsasoft | 1 Network Bandwidth Monitor | 2024-04-11 | 1.7 LOW | 5.5 MEDIUM |
| A vulnerability classified as problematic has been found in Nsasoft NBMonitor Network Bandwidth Monitor 1.6.5.0. This affects an unknown part of the component Registration Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252675. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-1184 | 1 Nsasoft | 1 Network Sleuth | 2024-04-11 | 1.7 LOW | 5.5 MEDIUM |
| A vulnerability was found in Nsasoft Network Sleuth 3.0.0.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Registration Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. VDB-252674 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-1017 | 1 Gabriels Ftp Server Project | 1 Gabriels Ftp Server | 2024-04-11 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability was found in Gabriels FTP Server 1.2. It has been rated as problematic. This issue affects some unknown processing. The manipulation of the argument USERNAME leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-252287. | |||||
| CVE-2024-1016 | 1 Flexbyte | 1 Solar Ftp Server | 2024-04-11 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability was found in Solar FTP Server 2.1.1/2.1.2. It has been declared as problematic. This vulnerability affects unknown code of the component PASV Command Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-252286 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-0889 | 1 Kmint21 | 1 Golden Ftp Server | 2024-04-11 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability was found in Kmint21 Golden FTP Server 2.02b and classified as problematic. This issue affects some unknown processing of the component PASV Command Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252041 was assigned to this vulnerability. | |||||
| CVE-2024-0888 | 1 10n | 1 Borgchat | 2024-04-11 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability, which was classified as problematic, was found in BORGChat 1.0.0 Build 438. This affects an unknown part of the component Service Port 7551. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252039. | |||||