2341
|
3.7 |
LOW
Network
|
conduit
|
conduit
|
Lack of consideration of key expiry when validating signatures in Conduit, allowing an attacker which has compromised an expired key to forge requests as the remote server, as well as PDUs with times…
|
NVD-CWE-Other
|
CVE-2024-6299
|
2024-09-21 04:24 |
2024-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2342
|
3.7 |
LOW
Network
|
spa-cart
|
spa-cartcms
|
A vulnerability, which was classified as problematic, was found in spa-cartcms 1.9.0.6. Affected is an unknown function of the file /login of the component Username Handler. The manipulation of the a…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-6129
|
2024-09-21 04:21 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2343
|
- |
|
-
|
-
|
IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated privileges on the system due to improper permissions control. IBM X-Force ID: 271527.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2023-47712
|
2024-09-21 04:15 |
2024-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2344
|
- |
|
-
|
-
|
IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could disclose sensitive information using man in the middle techniques due to not corr…
|
CWE-295
Improper Certificate Validation
|
CVE-2023-47742
|
2024-09-21 04:15 |
2024-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2345
|
- |
|
-
|
-
|
IBM CP4BA - Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a user to gain the privileges of another user under unusual circumstances. IBM X-Force ID: 271656.
|
CWE-863
Incorrect Authorization
|
CVE-2023-47716
|
2024-09-21 04:15 |
2024-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2346
|
7.2 |
HIGH
Network
|
ibm
|
storage_defender_resiliency_service
|
IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform unauthorized actions after obtaining encrypted data from clear text key storage. IBM X-Force ID: 275783.
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2023-50957
|
2024-09-21 04:15 |
2024-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2347
|
8.8 |
HIGH
Adjacent
|
ibm
|
tivoli_application_dependency_discovery_manager
|
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. …
|
CWE-863
Incorrect Authorization
|
CVE-2023-47142
|
2024-09-21 04:15 |
2024-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2348
|
8.8 |
HIGH
Network
|
ibm
|
openpages_with_watson
|
IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-pu…
|
CWE-285
Improper Authorization
|
CVE-2023-40683
|
2024-09-21 04:15 |
2024-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2349
|
5.5 |
MEDIUM
Local
|
ibm
|
aix vios
|
IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non-privileged local user to access files outside of those allowed due to improper access controls. IBM X-Force ID: 263476.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2023-40371
|
2024-09-21 04:15 |
2023-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2350
|
6.5 |
MEDIUM
Network
|
brainstormforce
|
starter_templates
|
Missing Authorization vulnerability in Brainstorm Force Premium Starter Templates, Brainstorm Force Starter Templates astra-sites.This issue affects Premium Starter Templates: from n/a through 3.2.5;…
|
CWE-862
Missing Authorization
|
CVE-2023-41805
|
2024-09-21 04:07 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|