|
1
|
- |
|
-
|
-
|
Dell NativeEdge, version(s) 2.1.0.0, contain(s) a Creation of Temporary File With Insecure Permissions vulnerability. A high privileged attacker with local access could potentially exploit this vulne…
New
|
CWE-378
Creation of Temporary File With Insecure Permissions
|
CVE-2024-52543
|
2024-12-26 01:15 |
2024-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2
|
- |
|
-
|
-
|
Dell ECS, version(s) prior to ECS 3.8.1.3, contain(s) an Authentication Bypass by Capture-replay vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerabili…
New
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2024-52534
|
2024-12-26 01:15 |
2024-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3
|
- |
|
-
|
-
|
Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Exposure of Sensitive Information Through Metadata vulnerability. An unauthenticated attacker with remote access could potentially exploit this vuln…
New
|
CWE-1230
Exposure of Sensitive Information Through Metadata
|
CVE-2024-53291
|
2024-12-26 00:15 |
2024-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4
|
5.5 |
MEDIUM
Local
|
-
|
-
|
IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1
could allow a non-privileged local user to exploit a vulnerability in the TCP/IP kernel extension to cause a denial of service.
New
|
CWE-362
Race Condition
|
CVE-2024-52906
|
2024-12-26 00:15 |
2024-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5
|
- |
|
-
|
-
|
Dell SupportAssist for Home PCs versions 4.6.1 and prior and Dell SupportAssist for Business PCs versions 4.5.0 and prior, contain a symbolic link (symlink) attack vulnerability in the software remed…
New
|
CWE-61
UNIX Symbolic Link (Symlink) Following
|
CVE-2024-52535
|
2024-12-26 00:15 |
2024-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6
|
- |
|
-
|
-
|
Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leadi…
New
|
CWE-250
Execution with Unnecessary Privileges
|
CVE-2024-47978
|
2024-12-26 00:15 |
2024-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
7
|
5.5 |
MEDIUM
Local
|
-
|
-
|
IBM AIX 7.2, 7.3, VIOS 3.1, and 4.1
could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service.
New
|
CWE-20
Improper Input Validation
|
CVE-2024-47102
|
2024-12-26 00:15 |
2024-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
8
|
- |
|
-
|
-
|
An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be a…
New
|
CWE-213
Exposure of Sensitive Information Due to Incompatible Policies
|
CVE-2023-5117
|
2024-12-26 00:15 |
2024-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
9
|
4.3 |
MEDIUM
Network
|
-
|
-
|
IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to remot…
Update
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2024-51464
|
2024-12-26 00:15 |
2024-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
10
|
6.1 |
MEDIUM
Network
|
-
|
-
|
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expo…
New
|
CWE-1022
Use of Web Link to Untrusted Target with window.opener Access
|
CVE-2024-39727
|
2024-12-25 23:15 |
2024-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
