Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2024
CVE-2024-53673
A java deserialization vulnerability in HPE Remote Insight Support may allow an unauthenticated attacker to execute code.
CVSS Score
8.1
EPSS Score
0.01
Published
2024-11-26
CVE-2024-53674
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.
CVSS Score
7.3
EPSS Score
0.002
Published
2024-11-26
CVE-2024-53675
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.
CVSS Score
7.3
EPSS Score
0.044
Published
2024-11-26
CVE-2024-11622
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.
CVSS Score
7.3
EPSS Score
0.001
Published
2024-11-26
CVE-2024-11744
A vulnerability has been found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
CVSS Score
7.3
EPSS Score
0.001
Published
2024-11-26
CVE-2024-11745
A vulnerability was found in Tenda AC8 16.03.34.09 and classified as critical. Affected by this issue is the function route_static_check of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
8.8
EPSS Score
0.003
Published
2024-11-26
CVE-2024-49052
Missing authentication for critical function in Microsoft Azure PolicyWatch allows an unauthorized attacker to elevate privileges over a network.
CVSS Score
8.2
EPSS Score
0.034
Published
2024-11-26
CVE-2024-49053
Microsoft Dynamics 365 Sales Spoofing Vulnerability
CVSS Score
7.6
EPSS Score
0.002
Published
2024-11-26
CVE-2024-49035
Known exploited
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network.
CVSS Score
8.7
EPSS Score
0.04
Published
2024-11-26
CVE-2024-49038
Improper neutralization of input during web page generation ('Cross-site Scripting') in Copilot Studio by an unauthorized attacker leads to elevation of privilege over a network.
CVSS Score
9.3
EPSS Score
0.003
Published
2024-11-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved