|
1
|
4.4 |
MEDIUM
Local
|
-
|
-
|
A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which …
New
|
CWE-59
Link Following
|
CVE-2024-45770
|
2024-09-19 18:15 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2
|
5.5 |
MEDIUM
Local
|
-
|
-
|
A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash.
New
|
-
|
CVE-2024-45769
|
2024-09-19 18:15 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3
|
- |
|
-
|
-
|
This vulnerability exists in the Apex Softcell LD Geo due to improper validation of the transaction token ID in the API endpoint. An authenticated remote attacker could exploit this vulnerability by …
New
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2024-47089
|
2024-09-19 16:15 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4
|
- |
|
-
|
-
|
This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive failed authentication attempts on its API based login. A remote attacker could exploit this vulnerability b…
New
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2024-47088
|
2024-09-19 16:15 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5
|
- |
|
-
|
-
|
This vulnerability exists in Apex Softcell LD Geo due to improper validation of the certain parameters (Client ID, DPID or BOID) in the API endpoint. An authenticated remote attacker could exploit th…
New
|
CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
|
CVE-2024-47087
|
2024-09-19 16:15 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6
|
- |
|
-
|
-
|
This vulnerability exists in Apex Softcell LD DP Back Office due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this v…
New
|
-
|
CVE-2024-47086
|
2024-09-19 16:15 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
7
|
- |
|
-
|
-
|
This vulnerability exists in Apex Softcell LD DP Back Office due to improper validation of certain parameters “cCdslClicentcode” and “cLdClientCode” in the API endpoint. An authenticated remote attac…
New
|
CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
|
CVE-2024-47085
|
2024-09-19 16:15 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
8
|
9.8 |
CRITICAL
Network
redhat
|
satellite
|
An authentication bypass vulnerability has been identified in Foreman when deployed with External Authentication, due to the puppet-foreman configuration. This issue arises from Apache's mod_proxy no…
Update
|
CWE-287
Improper Authentication
|
CVE-2024-7012
|
2024-09-19 15:15 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
9
|
6.5 |
MEDIUM
Network
|
redhat
|
openshift_container_platform
|
A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and verify the installation of a Helm chart from a URI that is remote HTTP/HTTPS or local. Access to this e…
Update
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-7079
|
2024-09-19 15:15 |
2024-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
10
|
6.8 |
MEDIUM
Network
|
qemu
redhat
|
qemu
enterprise_linux
|
A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections_table data within RSS becomes controllable. Setting excessively large…
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2024-6505
|
2024-09-19 15:15 |
2024-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
