|
151
|
6.7 |
MEDIUM
Local
|
intel
|
proset\/wireless_wifi
|
Improper access control in firmware for some Intel(R) PROSet/Wireless WiFi software for Windows before version 22.220 HF (Hot Fix) may allow a privileged user to potentially enable escalation of priv…
Update
|
NVD-CWE-noinfo
|
CVE-2023-28714
|
2024-10-17 23:35 |
2023-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
152
|
7.8 |
HIGH
Local
|
intel
|
converged_security_management_engine_firmware
|
Improper access control in the Intel(R) CSME software installer before version 2239.3.7.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Update
|
NVD-CWE-noinfo
|
CVE-2022-29871
|
2024-10-17 23:35 |
2023-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
153
|
3.3 |
LOW
Local
|
amd
|
alveo_u50_firmware
alveo_u200_firmware
alveo_u250_firmware
alveo_u280_firmware
kintex_ultrascale\+_ku3p_firmware
kintex_ultrascale\+_ku5p_firmware
kintex_ultrascale\+_ku9p_firmware<…
|
Insufficient verification of data authenticity in
the configuration state machine may allow a local attacker to potentially load
arbitrary bitstreams.
Update
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2023-20570
|
2024-10-17 23:34 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
154
|
6.1 |
MEDIUM
Network
|
rems
|
profile_registration_without_reload\/refresh
|
A vulnerability has been found in SourceCodester Profile Registration without Reload Refresh 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9799
|
2024-10-17 23:32 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
155
|
4.3 |
MEDIUM
Adjacent
|
dell
|
emc_appsync
|
Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection vulnerability. An adjacent high privileged attacker could potentially exploit this vulnerability, leading to in…
Update
|
CWE-611
XXE
|
CVE-2024-39586
|
2024-10-17 23:30 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
156
|
7.8 |
HIGH
Local
|
dell
|
supportassist_for_home_pcs
supportassist_for_business_pcs
|
In Dell SupportAssist for Home PCs (between v3.0 and v3.14.1) and SupportAssist for Business PCs (between v3.0 and v3.4.1), a security concern has been identified, impacting locally authenticated us…
Update
|
NVD-CWE-noinfo
|
CVE-2023-44283
|
2024-10-17 23:29 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
157
|
5.3 |
MEDIUM
Local
|
dell
|
supportassist_for_home_pcs
|
Dell SupportAssist for Business PCs version 3.4.0 contains a local Authentication Bypass vulnerability that allows locally authenticated non-admin users to gain temporary privilege within the Suppor…
Update
|
NVD-CWE-Other
|
CVE-2023-39249
|
2024-10-17 23:27 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
158
|
7.2 |
HIGH
Network
|
lylme
|
lylme_spage
|
A vulnerability was found in LyLme_spage 1.9.5. It has been classified as critical. Affected is an unknown function of the file /admin/sou.php. The manipulation of the argument id leads to sql inject…
Update
|
CWE-89
SQL Injection
|
CVE-2024-9790
|
2024-10-17 23:26 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
159
|
7.2 |
HIGH
Network
|
lylme
|
lylme_spage
|
A vulnerability was found in LyLme_spage 1.9.5 and classified as critical. This issue affects some unknown processing of the file /admin/apply.php. The manipulation of the argument id leads to sql in…
Update
|
CWE-89
SQL Injection
|
CVE-2024-9789
|
2024-10-17 23:26 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
160
|
7.2 |
HIGH
Network
|
lylme
|
lylme_spage
|
A vulnerability has been found in LyLme_spage 1.9.5 and classified as critical. This vulnerability affects unknown code of the file /admin/tag.php. The manipulation of the argument id leads to sql in…
Update
|
CWE-89
SQL Injection
|
CVE-2024-9788
|
2024-10-17 23:26 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
