CVE-2024-8785

MEDIUM Year: 2024
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-648
View all →

Vulnerability Description

In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage NmAPI.exe to create or change an existing registry value in registry path HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Ipswitch\.

Related Vulnerabilities

CVE-2022-20965

MEDIUM
CVSS:5.4(Medium)

A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to take privileges actions within the web-based management interfa...

CWE-6482022

CVE-2022-24071

MEDIUM
CVSS:4.3(Medium)

A Built-in extension in Whale browser before 3.12.129.46 allows attackers to compromise the rendering process which could lead to controlling browser internal APIs.

CWE-6482022

CVE-2024-53007

MEDIUM
CVSS:6.4(Medium)

Bentley Systems ProjectWise Integration Server before 10.00.03.288 allows unintended SQL query execution by an authenticated user via an API call.

CWE-6482024

CVE-2020-7927

MEDIUM
CVSS:6.5(Medium)

Specially crafted API calls may allow an authenticated user who holds Organization Owner privilege to obtain an API key with Global Role privilege. This issue affects MongoDB Ops Manager v4.2 versions...

CWE-6482020

CVE-2023-20136

MEDIUM
CVSS:6.5(Medium)

A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator pr...

CWE-6482023

CVE-2024-46978

MEDIUM
CVSS:6.5(Medium)

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible for any user knowing the ID of a notification filter preference of another user, ...

CWE-6482024