61
|
6.5 |
MEDIUM
Network
|
ellucian
|
banner
|
Ellucian Banner 9.17 allows Insecure Direct Object Reference (IDOR) via a modified bannerId to the /StudentSelfService/ssb/studentCard/retrieveData endpoint.
Update
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2023-49339
|
2024-10-11 00:47 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
62
|
5.5 |
MEDIUM
Local
|
siemens
|
parasolid
|
A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.251), Parasolid V35.1 (All versions < V35.1.170). The affected applications contain a null pointer dereference vulnerabili…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-22043
|
2024-10-11 00:44 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
63
|
7.5 |
HIGH
Network
huawei
|
emui harmonyos
|
Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability.
Update
|
CWE-20
Improper Input Validation
|
CVE-2023-39389
|
2024-10-11 00:35 |
2023-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
64
|
7.5 |
HIGH
Network
huawei
|
emui harmonyos
|
Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability.
Update
|
CWE-20
Improper Input Validation
|
CVE-2023-39388
|
2024-10-11 00:35 |
2023-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
65
|
7.5 |
HIGH
Network
huawei
|
emui harmonyos
|
Input verification vulnerability in the audio module. Successful exploitation of this vulnerability may cause virtual machines (VMs) to restart.
Update
|
CWE-20
Improper Input Validation
|
CVE-2023-39382
|
2024-10-11 00:35 |
2023-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
66
|
7.5 |
HIGH
Network
huawei
|
emui harmonyos
|
Input verification vulnerability in the storage module. Successful exploitation of this vulnerability may cause the device to restart.
Update
|
CWE-20
Improper Input Validation
|
CVE-2023-39381
|
2024-10-11 00:35 |
2023-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
67
|
7.5 |
HIGH
Network
huawei
|
harmonyos emui
|
Permission control vulnerability in the audio module. Successful exploitation of this vulnerability may cause audio devices to perform abnormally.
Update
|
CWE-287
Improper Authentication
|
CVE-2023-39380
|
2024-10-11 00:35 |
2023-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
68
|
7.2 |
HIGH
Network
|
apache
|
airflow_cncf_kubernetes
|
Arbitrary code execution in Apache Airflow CNCF Kubernetes provider version 5.0.0 allows user to change xcom sidecar image and resources via Airflow connection.
In order to exploit this weakness, a …
Update
|
CWE-74
Injection
|
CVE-2023-33234
|
2024-10-11 00:35 |
2023-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
69
|
8.8 |
HIGH
Network
|
google fedoraproject
|
chrome fedora
|
Use after free in WebProtect in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Update
|
CWE-416
Use After Free
|
CVE-2023-1533
|
2024-10-11 00:35 |
2023-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
70
|
8.8 |
HIGH
Network
|
google fedoraproject
|
chrome fedora
|
Out of bounds read in GPU Video in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2023-1532
|
2024-10-11 00:35 |
2023-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|