2561
|
7.1 |
HIGH
Local
|
citrix
|
workspace
|
Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local unauthenticated user with low privilege…
|
CWE-863
Incorrect Authorization
|
CVE-2024-42423
|
2024-09-21 04:42 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2562
|
8.1 |
HIGH
Network
|
fortinet
|
forticlient
|
AAn improper certificate validation vulnerability [CWE-295] in FortiClientWindows 7.2.0 through 7.2.2, 7.0.0 through 7.0.11, FortiClientLinux 7.2.0, 7.0.0 through 7.0.11 and FortiClientMac 7.0.0 thr…
|
CWE-295
Improper Certificate Validation
|
CVE-2024-31489
|
2024-09-21 04:41 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2563
|
7.8 |
HIGH
Local
|
sonicwall
|
netextender
|
A local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earlier versions allows a local low-privileged user to gain system privileges through running…
|
NVD-CWE-noinfo
|
CVE-2023-44217
|
2024-09-21 04:35 |
2023-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2564
|
9.8 |
CRITICAL
Network
sandhillsdev
|
easy_digital_downloads
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Easy Digital Downloads allows SQL Injection.This issue affects Easy Digital Downloads: from n/a t…
|
CWE-89
SQL Injection
|
CVE-2024-5057
|
2024-09-21 04:31 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2565
|
5.3 |
MEDIUM
Network
conduit
|
conduit
|
Incomplete cleanup when performing redactions in Conduit, allowing an attacker to check whether certain strings were present in the PDU before redaction
|
CWE-459
Incomplete Cleanup
|
CVE-2024-6300
|
2024-09-21 04:28 |
2024-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2566
|
3.7 |
LOW
Network
|
conduit
|
conduit
|
Lack of consideration of key expiry when validating signatures in Conduit, allowing an attacker which has compromised an expired key to forge requests as the remote server, as well as PDUs with times…
|
NVD-CWE-Other
|
CVE-2024-6299
|
2024-09-21 04:24 |
2024-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2567
|
3.7 |
LOW
Network
|
spa-cart
|
spa-cartcms
|
A vulnerability, which was classified as problematic, was found in spa-cartcms 1.9.0.6. Affected is an unknown function of the file /login of the component Username Handler. The manipulation of the a…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-6129
|
2024-09-21 04:21 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2568
|
- |
|
-
|
-
|
IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated privileges on the system due to improper permissions control. IBM X-Force ID: 271527.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2023-47712
|
2024-09-21 04:15 |
2024-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2569
|
- |
|
-
|
-
|
IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could disclose sensitive information using man in the middle techniques due to not corr…
|
CWE-295
Improper Certificate Validation
|
CVE-2023-47742
|
2024-09-21 04:15 |
2024-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2570
|
- |
|
-
|
-
|
IBM CP4BA - Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a user to gain the privileges of another user under unusual circumstances. IBM X-Force ID: 271656.
|
CWE-863
Incorrect Authorization
|
CVE-2023-47716
|
2024-09-21 04:15 |
2024-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|