|
315501
|
7.8 |
HIGH
Local
|
intel
|
oneapi_base_toolkit
advisor
|
Incorrect default permissions for some Intel(R) Advisor software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-26025
|
2024-09-7 03:54 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315502
|
7.8 |
HIGH
Local
|
intel
|
simics_package_manager
|
Uncontrolled search path for some Intel(R) Simics Package Manager software before version 1.8.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-26027
|
2024-09-7 03:52 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315503
|
5.5 |
MEDIUM
Local
|
intel
|
memory_and_storage_tool_gui
|
Incorrect default permissions in software installer for Intel(R) MAS (GUI) may allow an authenticated user to potentially enable denial of service via local access.
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-27461
|
2024-09-7 03:45 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315504
|
7.8 |
HIGH
Local
|
intel
|
graphics_performance_analyzers
|
Uncontrolled search path in some Intel(R) GPA software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-28046
|
2024-09-7 03:40 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315505
|
5.5 |
MEDIUM
Local
|
intel
|
arc_a_graphics
iris_xe_graphics
|
Improper access control in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.101.4824 may allow an authenticated user to potentially enable denial of service via local access.
|
NVD-CWE-noinfo
|
CVE-2024-28050
|
2024-09-7 03:38 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315506
|
7.3 |
HIGH
Local
|
intel
|
oneapi_hpc_toolkit
trace_analyzer_and_collector
|
Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-28172
|
2024-09-7 03:36 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315507
|
7.3 |
HIGH
Local
|
intel
|
mpi_library
oneapi_hpc_toolkit
|
Uncontrolled search path for some Intel(R) MPI Library software before version 2021.12 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-28876
|
2024-09-7 03:35 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315508
|
9.8 |
CRITICAL
Network
|
lopalopa
|
music_management_system
|
Kashipara Music Management System v1.0 is vulnerable to SQL Injection via /music/manage_playlist_items.php. An attacker can execute arbitrary SQL commands via the "pid" parameter.
|
CWE-89
SQL Injection
|
CVE-2024-42783
|
2024-09-7 03:31 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315509
|
7.2 |
HIGH
Network
|
ethyca
|
fides
|
Fides is an open-source privacy engineering platform. Starting in version 2.19.0 and prior to version 2.44.0, the Email Templating feature uses Jinja2 without proper input sanitization or rendering e…
|
CWE-94
Code Injection
|
CVE-2024-45053
|
2024-09-7 03:20 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315510
|
5.3 |
MEDIUM
Network
|
ethyca
|
fides
|
Fides is an open-source privacy engineering platform. Prior to version 2.44.0, a timing-based username enumeration vulnerability exists in Fides Webserver authentication. This vulnerability allows an…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-45052
|
2024-09-7 03:18 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
