|
313551
|
9.8 |
CRITICAL
Network
|
dell
|
insightiq
|
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. An unauthenticated attacker with remote access could potentially expl…
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2024-39581
|
2024-09-17 00:50 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313552
|
5.5 |
MEDIUM
Local
|
dell
|
precision_7920_firmware
7920_xl_firmware
|
Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially ex…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2024-42425
|
2024-09-17 00:46 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313553
|
9.8 |
CRITICAL
Network
|
dell
|
insightiq
|
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploi…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2024-39583
|
2024-09-17 00:42 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313554
|
6.7 |
MEDIUM
Local
|
dell
|
insightiq
|
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, lead…
|
NVD-CWE-noinfo
|
CVE-2024-39580
|
2024-09-17 00:40 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313555
|
4.4 |
MEDIUM
Local
|
dell
|
insightiq
|
Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to In…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-39582
|
2024-09-17 00:36 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313556
|
6.5 |
MEDIUM
Network
|
snowflake
|
streamlit
|
Streamlit is a data oriented application development framework for python. Snowflake Streamlit open source addressed a security vulnerability via the static file sharing feature. Users of hosted Stre…
|
CWE-22
Path Traversal
|
CVE-2024-42474
|
2024-09-16 23:30 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313557
|
4.3 |
MEDIUM
Network
|
ibm
|
openpages_grc_platform
openpages_with_watson
|
IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to unauthorized users.
|
NVD-CWE-Other
|
CVE-2024-27257
|
2024-09-16 23:26 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313558
|
6.5 |
MEDIUM
Local
|
theforeman
|
foreman
|
A command injection flaw was found in the "Host Init Config" template in the Foreman application via the "Install Packages" field on the "Register Host" page. This flaw allows an attacker with the ne…
|
CWE-77
Command Injection
|
CVE-2024-7700
|
2024-09-16 23:20 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313559
|
4.3 |
MEDIUM
Network
|
sap
|
oil_\%\/_gas
|
Due to missing authorization check in SAP for Oil & Gas (Transportation and Distribution), an attacker authenticated as a non-administrative user could call a remote-enabled function which will allow…
|
CWE-862
Missing Authorization
|
CVE-2024-44112
|
2024-09-16 23:19 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313560
|
2.7 |
LOW
Network
|
sap
|
netweaver_application_server_abap
|
Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. This causes an impa…
|
CWE-862
Missing Authorization
|
CVE-2024-41728
|
2024-09-16 23:14 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
