Security Vulnerabilities - CVEs Published In June 2024
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12. The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. This action is allowed without proper authentication verification.
CVSS Score
8.2
EPSS Score
0.001
Published
2024-06-14
LB-LINK BL-W1210M v2.0 was discovered to store user credentials in plaintext within the router's firmware.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-06-14
LB-LINK BL-W1210M v2.0 was discovered to contain a clickjacking vulnerability via the Administrator login page. Attackers can cause victim users to perform arbitrary operations via interaction with crafted elements on the web page.
CVSS Score
8.1
EPSS Score
0.001
Published
2024-06-14
In MintHCM 4.0.3, a registered user can execute arbitrary JavaScript code and achieve a reflected Cross-site Scripting (XSS) attack.
CVSS Score
6.1
EPSS Score
0.008
Published
2024-06-14
An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.
CVSS Score
6.1
EPSS Score
0.003
Published
2024-06-14
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWiFiEasyGuestCfg.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-06-14
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid5g in the function setWizardCfg.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-06-14
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via eport in the function setIpPortFilterRules.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-06-14
Missing Authorization vulnerability in Brainstorm Force ProjectHuddle Client Site.This issue affects ProjectHuddle Client Site: from n/a through 1.0.34.
CVSS Score
4.3
EPSS Score
0.002
Published
2024-06-14
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.24135.272.
CVSS Score
4.4
EPSS Score
0.001
Published
2024-06-14