|
314211
|
9.8 |
CRITICAL
Network
|
dell
|
insightiq
|
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploi…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2024-39583
|
2024-09-17 00:42 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314212
|
6.7 |
MEDIUM
Local
|
dell
|
insightiq
|
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, lead…
|
NVD-CWE-noinfo
|
CVE-2024-39580
|
2024-09-17 00:40 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314213
|
4.4 |
MEDIUM
Local
|
dell
|
insightiq
|
Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to In…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-39582
|
2024-09-17 00:36 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314214
|
6.5 |
MEDIUM
Network
|
snowflake
|
streamlit
|
Streamlit is a data oriented application development framework for python. Snowflake Streamlit open source addressed a security vulnerability via the static file sharing feature. Users of hosted Stre…
|
CWE-22
Path Traversal
|
CVE-2024-42474
|
2024-09-16 23:30 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314215
|
4.3 |
MEDIUM
Network
|
ibm
|
openpages_grc_platform
openpages_with_watson
|
IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to unauthorized users.
|
NVD-CWE-Other
|
CVE-2024-27257
|
2024-09-16 23:26 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314216
|
6.5 |
MEDIUM
Local
|
theforeman
|
foreman
|
A command injection flaw was found in the "Host Init Config" template in the Foreman application via the "Install Packages" field on the "Register Host" page. This flaw allows an attacker with the ne…
|
CWE-77
Command Injection
|
CVE-2024-7700
|
2024-09-16 23:20 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314217
|
4.3 |
MEDIUM
Network
|
sap
|
oil_\%\/_gas
|
Due to missing authorization check in SAP for Oil & Gas (Transportation and Distribution), an attacker authenticated as a non-administrative user could call a remote-enabled function which will allow…
|
CWE-862
Missing Authorization
|
CVE-2024-44112
|
2024-09-16 23:19 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314218
|
2.7 |
LOW
Network
|
sap
|
netweaver_application_server_abap
|
Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. This causes an impa…
|
CWE-862
Missing Authorization
|
CVE-2024-41728
|
2024-09-16 23:14 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314219
|
2.7 |
LOW
Network
|
sap
|
netweaver_application_server_abap
|
SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to execute a program that reveals data over the network. This results in a minimal impact on confidentiali…
|
CWE-863
Incorrect Authorization
|
CVE-2024-44114
|
2024-09-16 23:09 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314220
|
5.4 |
MEDIUM
Network
|
jayesh
|
online_exam_system
|
A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin/afeedback.php" in Kashipara Online Exam System v1.0, which allows remote attackers to execute arbitrary code via "rname" and "em…
|
CWE-79
Cross-site Scripting
|
CVE-2024-40478
|
2024-09-16 22:46 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
