|
1721
|
6.1 |
MEDIUM
Network
|
theeventprime
|
eventprime
|
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in EventPrime Events EventPrime.This issue affects EventPrime: from n/a through 4.0.4.5.
|
CWE-601
Open Redirect
|
CVE-2024-47648
|
2024-11-14 10:53 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1722
|
6.1 |
MEDIUM
Network
|
microsoft
|
nugetgallery
|
NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability in its handling of HTML element attributes, which allows an attacker to execute arbitrary HT…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47604
|
2024-11-14 08:17 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1723
|
7.5 |
HIGH
Network
siemens
|
simatic_cp_1543-1_firmware
|
A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions >= V4.0.44 < V4.0.50). Affected devices do not properly handle authorization. This could allow an unau…
|
CWE-863
Incorrect Authorization
|
CVE-2024-50310
|
2024-11-14 08:15 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1724
|
7.3 |
HIGH
Local
|
siemens
|
solid_edge_se2024
|
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications suffer from a DLL hijacking vulnerability. This could allow an attacker to execute…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-47942
|
2024-11-14 08:15 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1725
|
7.8 |
HIGH
Local
|
siemens
|
solid_edge_se2024
|
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications contain an out of bounds read past the end of an allocated structure while parsing…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-47941
|
2024-11-14 08:15 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1726
|
7.8 |
HIGH
Local
|
siemens
|
solid_edge_se2024
|
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications contain an out of bounds read past the end of an allocated structure while parsing…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-47940
|
2024-11-14 08:14 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1727
|
6.5 |
MEDIUM
Local
|
siemens
|
sinec_nms
|
A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). The affected application contains a database function, that does not properly restrict the permissions of users to write to…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-47808
|
2024-11-14 08:14 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1728
|
7.8 |
HIGH
Local
|
siemens
|
siport
|
A vulnerability has been identified in SIPORT (All versions < V3.4.0). The affected application improperly assigns file permissions to installation folders.
This could allow a local attacker with …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-47783
|
2024-11-14 08:13 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1729
|
8.1 |
HIGH
Network
|
siemens
|
sinec_ins
|
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly invalidate sessions when the associated user is deleted or disabled or …
|
CWE-613
Insufficient Session Expiration
|
CVE-2024-46892
|
2024-11-14 08:13 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1730
|
9.1 |
CRITICAL
Network
|
siemens
|
sinec_ins
|
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate input sent to specific endpoints of its web API. This could al…
|
CWE-78
OS Command
|
CVE-2024-46890
|
2024-11-14 08:12 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
