2651
|
8.8 |
HIGH
Adjacent
|
ibm
|
tivoli_application_dependency_discovery_manager
|
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. …
|
CWE-863
Incorrect Authorization
|
CVE-2023-47142
|
2024-09-21 04:15 |
2024-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2652
|
8.8 |
HIGH
Network
|
ibm
|
openpages_with_watson
|
IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-pu…
|
CWE-285
Improper Authorization
|
CVE-2023-40683
|
2024-09-21 04:15 |
2024-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2653
|
5.5 |
MEDIUM
Local
|
ibm
|
aix vios
|
IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non-privileged local user to access files outside of those allowed due to improper access controls. IBM X-Force ID: 263476.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2023-40371
|
2024-09-21 04:15 |
2023-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2654
|
6.5 |
MEDIUM
Network
|
brainstormforce
|
starter_templates
|
Missing Authorization vulnerability in Brainstorm Force Premium Starter Templates, Brainstorm Force Starter Templates astra-sites.This issue affects Premium Starter Templates: from n/a through 3.2.5;…
|
CWE-862
Missing Authorization
|
CVE-2023-41805
|
2024-09-21 04:07 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2655
|
8.8 |
HIGH
Network
|
brainstormforce
|
astra
|
Missing Authorization vulnerability in Brainstorm Force Astra Bulk Edit.This issue affects Astra Bulk Edit: from n/a through 1.2.7.
|
CWE-862
Missing Authorization
|
CVE-2023-44148
|
2024-09-21 04:05 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2656
|
7.5 |
HIGH
Network
conduit
|
conduit
|
Lack of validation of origin in federation API in Conduit, allowing any remote server to impersonate any user from any server in most EDUs
|
CWE-346
Origin Validation Error
|
CVE-2024-6301
|
2024-09-21 03:58 |
2024-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2657
|
9.8 |
CRITICAL
Network
microsoft
|
windows_10_1809 windows_server_2019 windows_server_2022 windows_11_21h2 windows_10_21h2 windows_11_22h2 windows_10_22h2 windows_11_23h2 windows_server_2022_23h2 windows_11_…
|
Windows TCP/IP Remote Code Execution Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-21416
|
2024-09-21 03:55 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2658
|
5.5 |
MEDIUM
Local
|
conduit
|
conduit
|
Lack of privilege checking when processing a redaction in Conduit versions v0.6.0 and lower, allowing a local user to redact any message from users on the same server, given that they are able to sen…
|
NVD-CWE-Other
|
CVE-2024-6302
|
2024-09-21 03:42 |
2024-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2659
|
5.4 |
MEDIUM
Network
|
librenms
|
librenms
|
Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.9.0.
|
CWE-79
Cross-site Scripting
|
CVE-2023-4979
|
2024-09-21 03:35 |
2023-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2660
|
8.8 |
HIGH
Network
|
conduit
|
conduit
|
Missing authorization in Client-Server API in Conduit <=0.7.0, allowing for any alias to be removed and added to another room, which can be used for privilege escalation by moving the #admins alias t…
|
CWE-862
Missing Authorization
|
CVE-2024-6303
|
2024-09-21 03:34 |
2024-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|