U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
There are 229,247 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2024-28713

An issue in Mblog Blog system v.3.5.0 allows an attacker to execute arbitrary code via a crafted file to the theme management feature.

Published: March 28, 2024; 3:15:48 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-27719

A cross site scripting (XSS) vulnerability in rems FAQ Management System v.1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the Frequently Asked Question field in the Add FAQ function.

Published: March 28, 2024; 3:15:48 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-25971

Dell PowerProtect Data Manager, version 19.15, contains an XML External Entity Injection vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, denial-of-service.

Published: March 28, 2024; 3:15:48 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-25963

Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure.

Published: March 28, 2024; 3:15:48 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-25960

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains a cleartext transmission of sensitive information vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.

Published: March 28, 2024; 3:15:47 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-25955

Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity.

Published: March 28, 2024; 3:15:47 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-25954

Dell PowerScale OneFS, versions 9.5.0.x through 9.7.0.x, contain an insufficient session expiration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.

Published: March 28, 2024; 3:15:47 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-25953

Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.

Published: March 28, 2024; 3:15:47 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-25952

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.

Published: March 28, 2024; 3:15:47 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-25946

Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An authorized attacker could potentially exploit this vulnerability leading to an execution of an inserted command. Dell recommends customers to upgrade at the earliest opportunity.

Published: March 28, 2024; 3:15:47 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-25961

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges.

Published: March 28, 2024; 2:15:08 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-25959

Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an insertion of sensitive information into log file vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to sensitive information disclosure, escalation of privileges.

Published: March 28, 2024; 2:15:07 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-42974

A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Sonoma 14.2. An app may be able to execute arbitrary code with kernel privileges.

Published: March 28, 2024; 12:15:08 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-42962

This issue was addressed with improved checks This issue is fixed in iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. A remote attacker may be able to cause a denial-of-service.

Published: March 28, 2024; 12:15:08 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-42956

The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2. Processing web content may lead to a denial-of-service.

Published: March 28, 2024; 12:15:08 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-42950

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: March 28, 2024; 12:15:08 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-42947

A path handling issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. An app may be able to break out of its sandbox.

Published: March 28, 2024; 12:15:08 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-42936

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. An app may be able to access user-sensitive data.

Published: March 28, 2024; 12:15:08 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-42931

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.2, macOS Monterey 12.7.2. A process may gain admin privileges without proper authentication.

Published: March 28, 2024; 12:15:08 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2023-42930

This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.3, macOS Sonoma 14.2, macOS Monterey 12.7.2. An app may be able to modify protected parts of the file system.

Published: March 28, 2024; 12:15:08 PM -0400
V3.x:(not available)
V2.0:(not available)