1741
|
6.5 |
MEDIUM
Network
|
dell
|
data_domain_operating_system
|
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an Improper Control of a Resource Through its Lifetime vulnerability in an admin operation. A remote low…
|
NVD-CWE-noinfo
|
CVE-2024-37139
|
2024-09-24 06:02 |
2024-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1742
|
3.5 |
LOW
Network
|
dell
|
data_domain_operating_system
|
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an open redirect vulnerability. A remote low privileged attacker could potentially exploit this vulnerab…
|
CWE-601
Open Redirect
|
CVE-2024-37141
|
2024-09-24 06:01 |
2024-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1743
|
8.8 |
HIGH
Network
|
dell
|
data_domain_operating_system
|
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an OS command injection vulnerability in an admin operation. A remote low privileged attacker could pote…
|
CWE-78
OS Command
|
CVE-2024-37140
|
2024-09-24 06:01 |
2024-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1744
|
4.4 |
MEDIUM
Local
|
dell
|
data_domain_operating_system
|
Dell Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.30, LTS 7.10.1.20 contain an SQL Injection vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading…
|
CWE-89
SQL Injection
|
CVE-2024-29174
|
2024-09-24 06:00 |
2024-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1745
|
8.8 |
HIGH
Network
|
dedecms
|
dedecms
|
An arbitrary file upload vulnerability in dede/baidunews.php in DedeCMS 5.7.111 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2023-43226
|
2024-09-24 05:35 |
2023-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1746
|
5.4 |
MEDIUM
Network
|
e107
|
e107_cms
|
Multiple Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Copyright and Author fields in the Meta & Custom Ta…
|
CWE-79
Cross-site Scripting
|
CVE-2023-43874
|
2024-09-24 05:35 |
2023-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1747
|
7.8 |
HIGH
Local
|
binalyze
|
irec
|
An issue in Binalyze IREC.sys v.3.11.0 and before allows a local attacker to execute arbitrary code and escalate privileges via the fun_1400084d0 function in IREC.sys driver.
|
NVD-CWE-noinfo
|
CVE-2023-41444
|
2024-09-24 05:35 |
2023-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1748
|
7.2 |
HIGH
Network
|
fileorganizer
|
fileorganizer
|
The FileOrganizer WordPress plugin through 1.0.2 does not restrict functionality on multisite instances, allowing site admins to gain full control over the server.
|
-
|
CVE-2023-3664
|
2024-09-24 05:35 |
2023-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1749
|
7.5 |
HIGH
Network
oracle
|
sales_for_handhelds
|
Vulnerability in the Oracle Sales for Handhelds product of Oracle E-Business Suite (component: Pocket Outlook Sync(PocketPC)). Supported versions that are affected are 12.2.3-12.2.12. Easily exploit…
|
NVD-CWE-noinfo
|
CVE-2023-21855
|
2024-09-24 05:35 |
2023-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1750
|
- |
|
-
|
-
|
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows OS Command Injection.This issue affects:
?Product
Affected Versions
LoadMaster
From 7.…
|
CWE-20
Improper Input Validation
|
CVE-2024-6658
|
2024-09-24 05:15 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|