1831
|
5.5 |
MEDIUM
Local
|
x.org redhat fedoraproject
|
libx11 enterprise_linux fedora
|
A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of me…
|
CWE-125
Out-of-bounds Read
|
CVE-2023-43785
|
2024-09-17 00:15 |
2023-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1832
|
7.5 |
HIGH
Network
lenovo
|
nextscale_n1200_enclosure_firmware thinkagile_cp-cb-10_firmware thinkagile_cp-cb-10e_firmware thinkagile_hx_enclosure_certified_node_firmware thinkagile_vx_enclosure_firmware thinksyst…
|
An unauthenticated denial of service vulnerability exists in the SMM v1, SMM v2, and FPC management web server which can be triggered under crafted conditions. Rebooting SMM or FPC will restore acc…
|
NVD-CWE-noinfo
|
CVE-2023-2992
|
2024-09-17 00:15 |
2023-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1833
|
8.8 |
HIGH
Network
|
datagear
|
datagear
|
A vulnerability, which was classified as problematic, has been found in DataGear up to 4.7.0/5.1.0. Affected by this issue is some unknown functionality of the component JDBC Server Handler. The mani…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2023-2042
|
2024-09-17 00:15 |
2023-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1834
|
6.7 |
MEDIUM
Local
|
lenovo
|
thinkpad_e14_firmware thinkpad_e14_gen_2_firmware thinkpad_e14_gen_4_firmware thinkpad_e15_firmware thinkpad_e15_gen_2_firmware thinkpad_e15_gen_4_firmware thinkpad_e490_firmware
|
A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code.
|
NVD-CWE-noinfo
|
CVE-2023-2290
|
2024-09-17 00:15 |
2023-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1835
|
6.5 |
MEDIUM
Network
|
snowflake
|
streamlit
|
Streamlit is a data oriented application development framework for python. Snowflake Streamlit open source addressed a security vulnerability via the static file sharing feature. Users of hosted Stre…
|
CWE-22
Path Traversal
|
CVE-2024-42474
|
2024-09-16 23:30 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1836
|
4.3 |
MEDIUM
Network
|
ibm
|
openpages_grc_platform openpages_with_watson
|
IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to unauthorized users.
|
NVD-CWE-Other
|
CVE-2024-27257
|
2024-09-16 23:26 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1837
|
6.5 |
MEDIUM
Local
|
theforeman
|
foreman
|
A command injection flaw was found in the "Host Init Config" template in the Foreman application via the "Install Packages" field on the "Register Host" page. This flaw allows an attacker with the ne…
|
CWE-77
Command Injection
|
CVE-2024-7700
|
2024-09-16 23:20 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1838
|
4.3 |
MEDIUM
Network
|
sap
|
oil_\%\/_gas
|
Due to missing authorization check in SAP for Oil & Gas (Transportation and Distribution), an attacker authenticated as a non-administrative user could call a remote-enabled function which will allow…
|
CWE-862
Missing Authorization
|
CVE-2024-44112
|
2024-09-16 23:19 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1839
|
5.4 |
MEDIUM
Network
|
checkmk
|
checkmk
|
Stored XSS in Checkmk before versions 2.3.0p8, 2.2.0p29, 2.1.0p45, and 2.0.0 (EOL) allows users to execute arbitrary scripts by injecting HTML elements
|
CWE-79
Cross-site Scripting
|
CVE-2024-6052
|
2024-09-16 23:15 |
2024-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1840
|
6.5 |
MEDIUM
Network
|
redhat infinispan
|
data_grid jboss_data_grid infinispan
|
A flaw was found in Infinispan, which does not detect circular object references when unmarshalling. An authenticated attacker with sufficient permissions could insert a maliciously constructed objec…
|
NVD-CWE-Other
|
CVE-2023-5236
|
2024-09-16 23:15 |
2023-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|