Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-36390 | 2 Canonical, Milesight | 2 Ubuntu Linux, Devicehub | 2025-04-23 | N/A | 7.5 HIGH |
| MileSight DeviceHub - CWE-20 Improper Input Validation may allow Denial of Service | |||||
| CVE-2024-27776 | 2 Canonical, Milesight | 2 Ubuntu Linux, Devicehub | 2025-04-10 | N/A | 9.8 CRITICAL |
| MileSight DeviceHub - CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') may allow Unauthenticated RCE | |||||
| CVE-2024-36392 | 2 Canonical, Milesight | 2 Ubuntu Linux, Devicehub | 2025-04-10 | N/A | 6.1 MEDIUM |
| MileSight DeviceHub - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2024-36389 | 2 Canonical, Milesight | 2 Ubuntu Linux, Devicehub | 2025-04-10 | N/A | 9.8 CRITICAL |
| MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values may allow Authentication Bypass | |||||
| CVE-2024-36388 | 2 Canonical, Milesight | 2 Ubuntu Linux, Devicehub | 2024-11-21 | N/A | 9.8 CRITICAL |
| MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function | |||||
| CVE-2024-36391 | 2 Canonical, Milesight | 2 Ubuntu Linux, Devicehub | 2024-11-21 | N/A | 7.4 HIGH |
| MileSight DeviceHub - CWE-320: Key Management Errors may allow Authentication Bypass and Man-In-The-Middle Traffic | |||||