|
315541
|
- |
|
-
|
-
|
Out-of-bounds read in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access.
|
CWE-125
Out-of-bounds Read
|
CVE-2023-25546
|
2024-09-17 02:15 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315542
|
- |
|
-
|
-
|
NULL pointer dereference in the UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
|
CWE-395
Use of NullPointerException Catch to Detect NULL Pointer Dereference
|
CVE-2023-23904
|
2024-09-17 02:15 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315543
|
- |
|
-
|
-
|
Out-of-bounds write in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
|
CWE-787
Out-of-bounds Write
|
CVE-2023-22351
|
2024-09-17 02:15 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315544
|
9.8 |
CRITICAL
Network
|
ibm
|
sterling_connect_direct_web_services
|
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses default credentials for potentially critical functionality.
|
CWE-1392
Use of Default Credentials
|
CVE-2024-39747
|
2024-09-17 02:13 |
2024-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315545
|
7.5 |
HIGH
Network
|
skyport
|
skyportd
|
Skyport Daemon (skyportd) is the daemon for the Skyport Panel. By making thousands of folders & files (easy due to skyport's lack of rate limiting on createFolder. createFile), skyportd in a lot of c…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-42481
|
2024-09-17 02:10 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315546
|
7.8 |
HIGH
Local
|
ultimaker
|
ultimaker_cura
|
UltiMaker Cura slicer versions 5.7.0-beta.1 through 5.7.2 are vulnerable to code injection via the 3MF format reader (/plugins/ThreeMFReader.py). The vulnerability arises from improper handling of th…
|
CWE-94
Code Injection
|
CVE-2024-8374
|
2024-09-17 01:44 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315547
|
6.4 |
MEDIUM
Network
|
halo
|
halo
|
Halo is an open source website building tool. A security vulnerability has been identified in versions prior to 2.19.0 of the Halo project. This vulnerability allows an attacker to execute malicious …
|
CWE-79
Cross-site Scripting
|
CVE-2024-43793
|
2024-09-17 01:28 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315548
|
6.1 |
MEDIUM
Network
|
halo
|
halo
|
Halo is an open source website building tool. A security vulnerability has been identified in versions prior to 2.17.0 of the Halo project. This vulnerability allows an attacker to execute malicious …
|
CWE-79
Cross-site Scripting
|
CVE-2024-43792
|
2024-09-17 01:26 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315549
|
8.2 |
HIGH
Network
|
sap
|
bex_web_java_runtime_export_web_service
|
BEx Web Java Runtime Export Web Service does not
sufficiently validate an XML document accepted from an untrusted source. An
attacker can retrieve information from the SAP ADS system and exhaust the
…
|
CWE-91
Blind XPath Injection
|
CVE-2024-42374
|
2024-09-17 01:25 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315550
|
9.1 |
CRITICAL
Network
|
sap
|
commerce_cloud
|
Some OCC API endpoints in SAP Commerce Cloud
allows Personally Identifiable Information (PII) data, such as passwords, email
addresses, mobile numbers, coupon codes, and voucher codes, to be included…
|
NVD-CWE-noinfo
|
CVE-2024-33003
|
2024-09-17 01:22 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
