Search
Search Results (4407 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-8689 | 2024-09-12 | N/A | ||
| A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles. | ||||
| CVE-2024-32939 | 1 Mattermost | 1 Mattermost | 2024-08-23 | 4.3 Medium |
| Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2, when shared channels are enabled, fail to redact remote users' original email addresses stored in user props when email addresses are otherwise configured not to be visible in the local server." | ||||
| CVE-2024-38891 | 1 Horizoncloud | 1 Caterease | 2024-08-20 | 9.1 Critical |
| An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Sniffing Network Traffic attack due to the cleartext transmission of sensitive information. | ||||
| CVE-2024-42657 | 1 Nepstech | 2 Ntpl-xpon1gfevn, Ntpl-xpon1gfevn Firmware | 2024-08-20 | 7.5 High |
| An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the lack of encryption during login process | ||||
| CVE-2024-31799 | 1 Gncchome | 3 Gncc C2, Gc2, Gncc C2 Firmware | 2024-08-16 | 4.6 Medium |
| Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via the UART Debugging Port. | ||||
| CVE-2024-7408 | 1 Airveda | 2 Pm2.5 Pm10 Monitor, Pm2.5 Pm10 Monitor Firmware | 2024-08-13 | 6.5 Medium |
| This vulnerability exists in Airveda Air Quality Monitor PM2.5 PM10 due to transmission of sensitive information in plain text during AP pairing mode. An attacker in close proximity could exploit this vulnerability by capturing Wi-Fi traffic of Airveda-AP. Successful exploitation of this vulnerability could allow the attacker to cause Evil Twin attack on the targeted system. | ||||
| CVE-2024-32864 | 1 Johnsoncontrols | 1 Exacqvision Web Service | 2024-08-09 | 6.4 Medium |
| Under certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS) | ||||