2481
|
7.2 |
HIGH
Network
|
ibm
|
storage_defender_resiliency_service
|
IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform unauthorized actions after obtaining encrypted data from clear text key storage. IBM X-Force ID: 275783.
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2023-50957
|
2024-09-21 04:15 |
2024-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2482
|
8.8 |
HIGH
Adjacent
|
ibm
|
tivoli_application_dependency_discovery_manager
|
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. …
|
CWE-863
Incorrect Authorization
|
CVE-2023-47142
|
2024-09-21 04:15 |
2024-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2483
|
8.8 |
HIGH
Network
|
ibm
|
openpages_with_watson
|
IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-pu…
|
CWE-285
Improper Authorization
|
CVE-2023-40683
|
2024-09-21 04:15 |
2024-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2484
|
5.5 |
MEDIUM
Local
|
ibm
|
aix vios
|
IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non-privileged local user to access files outside of those allowed due to improper access controls. IBM X-Force ID: 263476.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2023-40371
|
2024-09-21 04:15 |
2023-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2485
|
6.5 |
MEDIUM
Network
|
brainstormforce
|
starter_templates
|
Missing Authorization vulnerability in Brainstorm Force Premium Starter Templates, Brainstorm Force Starter Templates astra-sites.This issue affects Premium Starter Templates: from n/a through 3.2.5;…
|
CWE-862
Missing Authorization
|
CVE-2023-41805
|
2024-09-21 04:07 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2486
|
8.8 |
HIGH
Network
|
brainstormforce
|
astra
|
Missing Authorization vulnerability in Brainstorm Force Astra Bulk Edit.This issue affects Astra Bulk Edit: from n/a through 1.2.7.
|
CWE-862
Missing Authorization
|
CVE-2023-44148
|
2024-09-21 04:05 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2487
|
7.5 |
HIGH
Network
conduit
|
conduit
|
Lack of validation of origin in federation API in Conduit, allowing any remote server to impersonate any user from any server in most EDUs
|
CWE-346
Origin Validation Error
|
CVE-2024-6301
|
2024-09-21 03:58 |
2024-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2488
|
9.8 |
CRITICAL
Network
microsoft
|
windows_10_1809 windows_server_2019 windows_server_2022 windows_11_21h2 windows_10_21h2 windows_11_22h2 windows_10_22h2 windows_11_23h2 windows_server_2022_23h2 windows_11_…
|
Windows TCP/IP Remote Code Execution Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-21416
|
2024-09-21 03:55 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2489
|
5.5 |
MEDIUM
Local
|
conduit
|
conduit
|
Lack of privilege checking when processing a redaction in Conduit versions v0.6.0 and lower, allowing a local user to redact any message from users on the same server, given that they are able to sen…
|
NVD-CWE-Other
|
CVE-2024-6302
|
2024-09-21 03:42 |
2024-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2490
|
5.4 |
MEDIUM
Network
|
librenms
|
librenms
|
Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.9.0.
|
CWE-79
Cross-site Scripting
|
CVE-2023-4979
|
2024-09-21 03:35 |
2023-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|