Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-28090 |
Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D RSE-TC8717T devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via User name in dyn_dns.asp. Published: March 28, 2024; 4:15:07 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-25506 |
Cross Site Scripting vulnerability in Process Maker, Inc ProcessMaker before 4.0 allows a remote attacker to run arbitrary code via control of the pm_sys_sys cookie. Published: March 28, 2024; 4:15:07 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3019 |
A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer. Published: March 28, 2024; 3:15:49 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31065 |
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the City input field. Published: March 28, 2024; 3:15:49 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31064 |
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the First Name input field. Published: March 28, 2024; 3:15:49 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31063 |
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Email input field. Published: March 28, 2024; 3:15:49 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31062 |
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Street input field. Published: March 28, 2024; 3:15:48 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31061 |
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Last Name input field. Published: March 28, 2024; 3:15:48 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-2947 |
A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affects Cockpit versions 270 and newer. Published: March 28, 2024; 3:15:48 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-28713 |
An issue in Mblog Blog system v.3.5.0 allows an attacker to execute arbitrary code via a crafted file to the theme management feature. Published: March 28, 2024; 3:15:48 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-27719 |
A cross site scripting (XSS) vulnerability in rems FAQ Management System v.1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the Frequently Asked Question field in the Add FAQ function. Published: March 28, 2024; 3:15:48 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-25971 |
Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, denial-of-service. Published: March 28, 2024; 3:15:48 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-25963 |
Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure. Published: March 28, 2024; 3:15:48 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-25960 |
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of sensitive information vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges. Published: March 28, 2024; 3:15:47 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-25955 |
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity. Published: March 28, 2024; 3:15:47 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-25954 |
Dell PowerScale OneFS, versions 9.5.0.x through 9.7.0.x, contain an insufficient session expiration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service. Published: March 28, 2024; 3:15:47 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-25953 |
Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering. Published: March 28, 2024; 3:15:47 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-25952 |
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering. Published: March 28, 2024; 3:15:47 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-25946 |
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity. Published: March 28, 2024; 3:15:47 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-25961 |
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges. Published: March 28, 2024; 2:15:08 PM -0400 |
V3.x:(not available) V2.0:(not available) |