CyberSecurityBoard
Sponsor Register Login

CVE-2024-2412

The disabling function of the user registration page for Heimavista Rpage and Epage is not properly implemented, allowing remote attackers to complete user registration on sites where user registration is supposed to be disabled.

Publication date: Wed, 13 Mar 2024 08:15:00 +0000


Cyber News related to CVE-2024-2412

AWS LetsEncrypt Lambda: Custom TLS Provider - DZone - Trying to renew ... INFO[0000] Checking certificate for domain 'hackernoon.referrs.me' with arn 'arn:aws:acm:us-east-2:004867756392:certificate/72f872fd-e577-43f4-ae38-6833962630af' INFO[0000] Certificate status is 'ISSUED' INFO[0000] Certificate in ...
3 months ago Feeds.dzone.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
10 months ago Cisa.gov
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
10 months ago Cisa.gov
CVE-2024-2412 - The disabling function of the user registration page for Heimavista Rpage and Epage is not properly implemented, allowing remote attackers to complete user registration on sites where user registration is supposed to be disabled. ...
3 months ago
CVE-2012-2412 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4531. Reason: This candidate is a duplicate of CVE-2012-4531. Notes: All CVE users should reference CVE-2012-4531 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com
CVE-2009-2411 - Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger ...
7 years ago
CVE-2014-0451 - Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-2412. ...
2 years ago
CVE-2014-2412 - Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, SE 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than ...
2 years ago
CVE-2002-2412 - Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts. ...
16 years ago
CVE-2010-2412 - Unspecified vulnerability in the OLAP component in Oracle Database Server 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. ...
14 years ago
CVE-2011-2412 - Unspecified vulnerability in HP Business Service Automation (BSA) Essentials 2.01 allows remote attackers to execute arbitrary code via unknown vectors. ...
12 years ago
CVE-2016-2412 - include/core/SkPostConfig.h in Skia, as used in System_server in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01, mishandles certain crashes, which allows attackers to gain privileges via a crafted ...
8 years ago
CVE-2004-2412 - Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 through 5.0 allow remote attackers to execute arbitrary SQL commands via the catalogid parameter in (1) shopreviewlist.asp and (2) shopreviewadd.asp. ...
7 years ago
CVE-2005-2412 - PHP remote file inclusion vulnerability in block.php in PHP FirstPost allows remote attackers to execute arbitrary PHP code via the Include parameter. ...
7 years ago
CVE-2008-2412 - SQL injection vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. ...
7 years ago
CVE-2015-2412 - Microsoft Internet Explorer 10 and 11 allows remote attackers to read arbitrary local files via a crafted pathname, aka "Internet Explorer Information Disclosure Vulnerability." ...
6 years ago
CVE-2007-2412 - ** DISPUTED ** Directory traversal vulnerability in modules/file.php in Seir Anphin allows remote attackers to obtain sensitive information via a .. (dot dot) in the a[filepath] parameter. NOTE: a third party has disputed this issue because the a ...
6 years ago
CVE-2006-2412 - The raydium_network_read function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a large ID, which causes an invalid memory access (buffer over-read). ...
6 years ago
CVE-2017-2412 - An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "iTunes Store" component. It allows man-in-the-middle attackers to modify the client-server data stream to iTunes sandbox web services by ...
5 years ago
CVE-2018-2412 - SAP Disclosure Management 10.1 does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. ...
5 years ago
CVE-2019-2412 - Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Object Store). The supported version that is affected is prior to 8.8.2. Difficult to exploit vulnerability allows high privileged ...
4 years ago
CVE-2021-2412 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple ...
3 years ago
CVE-2013-2412 - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to ...
2 years ago
CVE-2022-2412 - The Better Tag Cloud WordPress plugin through 0.99.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is ...
2 years ago
CVE-2009-2412 - Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code ...
1 year ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)