391
|
5.5 |
MEDIUM
Local
|
synology
|
active_backup_for_business_agent
|
Missing authentication for critical function vulnerability in proxy settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential …
Update
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2023-52949
|
2024-10-3 00:26 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
392
|
5.0 |
MEDIUM
Local
|
synology
|
active_backup_for_business_agent
|
Missing encryption of sensitive data vulnerability in settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecifie…
Update
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2023-52948
|
2024-10-3 00:26 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
393
|
3.3 |
LOW
Local
|
synology
|
active_backup_for_business_agent
|
Missing authentication for critical function vulnerability in logout functionality in Synology Active Backup for Business Agent before 2.6.3-3101 allows local users to logout the client via unspecifi…
Update
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2023-52947
|
2024-10-3 00:26 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
394
|
- |
|
-
|
-
|
DataDump is a MediaWiki extension that provides dumps of wikis. Several interface messages are unescaped (more specifically, (datadump-table-column-queued), (datadump-table-column-in-progress), (data…
New
|
CWE-79 CWE-80
Cross-site Scripting Basic XSS
|
CVE-2024-47612
|
2024-10-3 00:15 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
395
|
- |
|
-
|
-
|
A logic issue was addressed with improved restrictions. This issue is fixed in iTunes 12.13.3 for Windows. A local attacker may be able to elevate their privileges.
New
|
-
|
CVE-2024-44193
|
2024-10-3 00:15 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
396
|
8.8 |
HIGH
Network
|
freeipa
|
freeipa
|
A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos was missing a condition for granting the "forwardable" flag on S4U2Self tickets. Fixing this mistake r…
Update
|
CWE-863
Incorrect Authorization
|
CVE-2024-2698
|
2024-10-3 00:15 |
2024-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
397
|
5.5 |
MEDIUM
Local
|
opentext
|
identity_manager_azuread_driver
|
A vulnerability identified in OpenText™
Identity Manager AzureAD Driver that allows logging of sensitive information into log file. This impacts all versions before 5.1.4.0
Update
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2021-22518
|
2024-10-3 00:10 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
398
|
7.5 |
HIGH
Network
netiq
|
identity_manager_rest_driver
|
Possible Insertion of Sensitive Information into Log File Vulnerability
in Identity Manager has been discovered in
OpenText™
Identity Manager REST Driver. This impact version before 1.1.2.0200.
Update
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2022-26322
|
2024-10-3 00:03 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
399
|
9.8 |
CRITICAL
Network
rockwellautomation
|
factorytalk_batch_view
|
CVE-2024-45823 IMPACT
An
authentication bypass vulnerability exists in the affected product. The
vulnerability exists due to shared secrets across accounts and could allow a threat
actor to impers…
Update
|
NVD-CWE-noinfo
|
CVE-2024-45823
|
2024-10-2 23:49 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
400
|
8.3 |
HIGH
Network
|
nvidia
|
nvidia_container_toolkit nvidia_gpu_operator
|
NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain acces…
Update
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2024-0132
|
2024-10-2 23:45 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|