|
313671
|
4.1 |
MEDIUM
Network
|
ibm
|
cloud_pak_for_security
qradar_suite
|
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 does not invalidate session after logout which could allow another authenticated…
|
CWE-613
Insufficient Session Expiration
|
CVE-2022-38382
|
2024-09-21 19:15 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313672
|
8.8 |
HIGH
Local
|
siemens
|
omnivise_t3000_whitelisting_server
omnivise_t3000_thin_client
omnivise_t3000_product_data_management
omnivise_t3000_domain_controller
omnivise_t3000_application_server
omnivise_t3000_t…
|
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Network Intrusion Detection System (…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-38877
|
2024-09-21 08:35 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313673
|
9.8 |
CRITICAL
Network
|
siemens
|
omnivise_t3000_application_server
|
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions). The affected system expos…
|
NVD-CWE-noinfo
|
CVE-2024-38879
|
2024-09-21 08:26 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313674
|
9.1 |
CRITICAL
Network
|
wcms
|
wcms
|
A vulnerability classified as critical was found in vedees wcms up to 0.3.2. Affected by this vulnerability is an unknown functionality of the file /wex/finder.php. The manipulation of the argument p…
|
CWE-22
Path Traversal
|
CVE-2024-8875
|
2024-09-21 07:44 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313675
|
7.5 |
HIGH
Network
|
smart-hmi
|
webiq
|
The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system.
|
CWE-22
Path Traversal
|
CVE-2024-8752
|
2024-09-21 07:42 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313676
|
9.1 |
CRITICAL
Network
|
nextcloud
|
desktop
|
In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files (between the server and client) may become world writable or world readable. This is fixed in 3.13.4.
|
NVD-CWE-noinfo
|
CVE-2024-46958
|
2024-09-21 07:41 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313677
|
9.8 |
CRITICAL
Network
|
man
|
d-tale
|
D-Tale is a visualizer for Pandas data structures. Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Users should upgrad…
|
NVD-CWE-noinfo
|
CVE-2024-45595
|
2024-09-21 04:59 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313678
|
8.8 |
HIGH
Network
|
nixos
|
nix
|
Nix is a package manager for Linux and other Unix systems. A bug in Nix 2.24 prior to 2.24.6 allows a substituter or malicious user to craft a NAR that, when unpacked by Nix, causes Nix to write to a…
|
CWE-22
Path Traversal
|
CVE-2024-45593
|
2024-09-21 04:57 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313679
|
6.1 |
MEDIUM
Network
|
damienharper
|
auditor-bundle
|
auditor-bundle, formerly known as DoctrineAuditBundle, integrates auditor library into any Symfony 3.4+ application. Prior to version 5.2.6, there is an unescaped entity property enabling Javascript …
|
CWE-79
Cross-site Scripting
|
CVE-2024-45592
|
2024-09-21 04:57 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313680
|
5.3 |
MEDIUM
Network
|
xwiki
|
xwiki
|
XWiki Platform is a generic wiki platform. The REST API exposes the history of any page in XWiki of which the attacker knows the name. The exposed information includes for each modification of the pa…
|
CWE-862
Missing Authorization
|
CVE-2024-45591
|
2024-09-21 04:55 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
