|
308921
|
7.5 |
HIGH
Network
|
ibm
|
cloud_pak_for_security
qradar_suite
|
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly to a local privileged user, in non default configura…
|
NVD-CWE-noinfo
|
CVE-2024-28799
|
2024-09-21 19:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308922
|
4.1 |
MEDIUM
Network
|
ibm
|
cloud_pak_for_security
qradar_suite
|
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 does not invalidate session after logout which could allow another authenticated…
|
CWE-613
Insufficient Session Expiration
|
CVE-2022-38382
|
2024-09-21 19:15 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308923
|
8.8 |
HIGH
Local
|
siemens
|
omnivise_t3000_whitelisting_server
omnivise_t3000_thin_client
omnivise_t3000_product_data_management
omnivise_t3000_domain_controller
omnivise_t3000_application_server
omnivise_t3000_t…
|
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Network Intrusion Detection System (…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-38877
|
2024-09-21 08:35 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308924
|
9.8 |
CRITICAL
Network
|
siemens
|
omnivise_t3000_application_server
|
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions). The affected system expos…
|
NVD-CWE-noinfo
|
CVE-2024-38879
|
2024-09-21 08:26 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308925
|
9.1 |
CRITICAL
Network
|
wcms
|
wcms
|
A vulnerability classified as critical was found in vedees wcms up to 0.3.2. Affected by this vulnerability is an unknown functionality of the file /wex/finder.php. The manipulation of the argument p…
|
CWE-22
Path Traversal
|
CVE-2024-8875
|
2024-09-21 07:44 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308926
|
7.5 |
HIGH
Network
|
smart-hmi
|
webiq
|
The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system.
|
CWE-22
Path Traversal
|
CVE-2024-8752
|
2024-09-21 07:42 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308927
|
9.1 |
CRITICAL
Network
|
nextcloud
|
desktop
|
In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files (between the server and client) may become world writable or world readable. This is fixed in 3.13.4.
|
NVD-CWE-noinfo
|
CVE-2024-46958
|
2024-09-21 07:41 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308928
|
9.8 |
CRITICAL
Network
|
man
|
d-tale
|
D-Tale is a visualizer for Pandas data structures. Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Users should upgrad…
|
NVD-CWE-noinfo
|
CVE-2024-45595
|
2024-09-21 04:59 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308929
|
8.8 |
HIGH
Network
|
nixos
|
nix
|
Nix is a package manager for Linux and other Unix systems. A bug in Nix 2.24 prior to 2.24.6 allows a substituter or malicious user to craft a NAR that, when unpacked by Nix, causes Nix to write to a…
|
CWE-22
Path Traversal
|
CVE-2024-45593
|
2024-09-21 04:57 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308930
|
6.1 |
MEDIUM
Network
|
damienharper
|
auditor-bundle
|
auditor-bundle, formerly known as DoctrineAuditBundle, integrates auditor library into any Symfony 3.4+ application. Prior to version 5.2.6, there is an unescaped entity property enabling Javascript …
|
CWE-79
Cross-site Scripting
|
CVE-2024-45592
|
2024-09-21 04:57 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
