IACI-CERT IACI-CERT Home IACI Tools Home
CVE | Vendor/Project | Product | Vulnerability Name | Description | Date Added |
---|---|---|---|---|---|
CVE-2024-37383 | Roundcube | Webmail | RoundCube Webmail Cross-Site Scripting (XSS) Vulnerability | RoundCube Webmail contains a cross-site scripting (XSS) vulnerability in the handling of SVG animate attributes that allows a remote attacker to run malicious JavaScript code. | 2024-10-24 |
CVE-2024-20481 | Cisco | Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) | Cisco ASA and FTD Denial-of-Service Vulnerability | Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a missing release of resource after effective lifetime vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) of the RAVPN service. | 2024-10-24 |
CVE-2024-47575 | Fortinet | FortiManager | Fortinet FortiManager Missing Authentication Vulnerability | Fortinet FortiManager contains a missing authentication vulnerability in the fgfmd daemon that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests. | 2024-10-23 |
CVE-2024-38094 | Microsoft | SharePoint | Microsoft SharePoint Deserialization Vulnerability | Microsoft SharePoint contains a deserialization vulnerability that allows for remote code execution. | 2024-10-22 |
CVE-2024-9537 | ScienceLogic | SL1 | ScienceLogic SL1 Unspecified Vulnerability | ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component. | 2024-10-21 |