|
281
|
8.8 |
HIGH
Network
|
sap
|
netweaver_application_server_java
|
The User Admin application of SAP NetWeaver AS for Java - version 7.50, insufficiently validates and improperly encodes the incoming URL parameters before including them into the redirect URL. This r…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-22126
|
2024-10-11 00:56 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282
|
8.1 |
HIGH
Network
|
microsoft
|
windows_10_22h2
windows_10_21h2
windows_11_22h2
windows_11_22h3
windows_server_2022
windows_server_23h2
windows_11_23h2
windows_server_2019
windows_10_1809
windows_11_24h2<…
|
Windows MSHTML Platform Spoofing Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-43573
|
2024-10-11 00:54 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283
|
6.5 |
MEDIUM
Network
|
ellucian
|
banner
|
Ellucian Banner 9.17 allows Insecure Direct Object Reference (IDOR) via a modified bannerId to the /StudentSelfService/ssb/studentCard/retrieveData endpoint.
Update
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2023-49339
|
2024-10-11 00:47 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284
|
5.5 |
MEDIUM
Local
|
siemens
|
parasolid
|
A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.251), Parasolid V35.1 (All versions < V35.1.170). The affected applications contain a null pointer dereference vulnerabili…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-22043
|
2024-10-11 00:44 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285
|
7.5 |
HIGH
Network
huawei
|
emui
harmonyos
|
Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability.
Update
|
CWE-20
Improper Input Validation
|
CVE-2023-39389
|
2024-10-11 00:35 |
2023-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
286
|
7.5 |
HIGH
Network
huawei
|
emui
harmonyos
|
Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability.
Update
|
CWE-20
Improper Input Validation
|
CVE-2023-39388
|
2024-10-11 00:35 |
2023-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
287
|
7.5 |
HIGH
Network
huawei
|
emui
harmonyos
|
Input verification vulnerability in the audio module. Successful exploitation of this vulnerability may cause virtual machines (VMs) to restart.
Update
|
CWE-20
Improper Input Validation
|
CVE-2023-39382
|
2024-10-11 00:35 |
2023-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
288
|
7.5 |
HIGH
Network
huawei
|
emui
harmonyos
|
Input verification vulnerability in the storage module. Successful exploitation of this vulnerability may cause the device to restart.
Update
|
CWE-20
Improper Input Validation
|
CVE-2023-39381
|
2024-10-11 00:35 |
2023-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
289
|
7.5 |
HIGH
Network
huawei
|
harmonyos
emui
|
Permission control vulnerability in the audio module. Successful exploitation of this vulnerability may cause audio devices to perform abnormally.
Update
|
CWE-287
Improper Authentication
|
CVE-2023-39380
|
2024-10-11 00:35 |
2023-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
290
|
7.2 |
HIGH
Network
|
apache
|
airflow_cncf_kubernetes
|
Arbitrary code execution in Apache Airflow CNCF Kubernetes provider version 5.0.0 allows user to change xcom sidecar image and resources via Airflow connection.
In order to exploit this weakness, a …
Update
|
CWE-74
Injection
|
CVE-2023-33234
|
2024-10-11 00:35 |
2023-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
