Search Results (334977 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-45281 | 1 Sap | 1 Business Objects Business Intelligence Platform | 2024-09-16 | 5.8 Medium |
| SAP BusinessObjects Business Intelligence Platform allows a high privilege user to run client desktop applications even if some of the DLLs are not digitally signed or if the signature is broken. The attacker needs to have local access to the vulnerable system to perform DLL related tasks. This could result in a high impact on confidentiality and integrity of the application. | ||||
| CVE-2024-45280 | | | 2024-09-16 | 4.8 Medium |
| Due to insufficient encoding of user-controlled inputs, SAP NetWeaver AS Java allows malicious scripts to be executed in the login application. This has a limited impact on confidentiality and integrity of the application. There is no impact on availability. | ||||
| CVE-2024-44115 | | | 2024-09-16 | 4.3 Medium |
| The RFC enabled function module allows a low privileged user to add URLs to any user's workplace favourites. This vulnerability could be utilized to identify usernames and access information about targeted user's workplaces, and nodes. There is low impact on integrity of the application. | ||||
| CVE-2024-7705 | 2 Fujian, Mainwww | 2 Mwcms, Mwcms | 2024-09-16 | 4.7 Medium |
| A vulnerability was found in Fujian mwcms 1.0.0. It has been declared as critical. Affected by this vulnerability is the function uploadeditor of the file /uploadeditor.html?action=uploadimage of the component Image Upload. The manipulation of the argument upfile leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2011-2810 | | | 2024-09-16 | N/A |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-0253. Reason: This candidate is a reservation duplicate of CVE-2011-0253. Notes: All CVE users should reference CVE-2011-0253 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
| CVE-2008-4317 | | | 2024-09-16 | N/A |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-5019. Reason: This candidate is a reservation duplicate of CVE-2008-5019. Notes: All CVE users should reference CVE-2008-5019 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
| CVE-2008-2546 | | | 2024-09-16 | N/A |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1805. Reason: This candidate is a reservation duplicate of CVE-2008-1805. Notes: All CVE users should reference CVE-2008-1805 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
| CVE-2006-5470 | | | 2024-09-16 | N/A |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-5740. Reason: This candidate is a duplicate of CVE-2006-5740 due to a typo. Notes: All CVE users should reference CVE-2006-5740 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
| CVE-2007-6445 | | | 2024-09-16 | N/A |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6117. Reason: This candidate is a duplicate of CVE-2007-6117. Notes: All CVE users should reference CVE-2007-6117 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
| CVE-2004-1239 | | | 2024-09-16 | N/A |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2004. Notes: none | ||||
| CVE-2016-1000367 | | | 2024-09-16 | N/A |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9858, CVE-2016-9859, CVE-2016-9860. Reason: This candidate is a reservation duplicate of CVE-2016-9858, CVE-2016-9859, and CVE-2016-9860. Notes: All CVE users should reference CVE-2016-9858, CVE-2016-9859, and/or CVE-2016-9860 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
| CVE-2024-39574 | 1 Dell | 2 Insightiq, Powerscale Insightiq | 2024-09-16 | 6.7 Medium |
| Dell PowerScale InsightIQ, version 5.1, contains an Improper Privilege Management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service. | ||||
| CVE-2024-39581 | 1 Dell | 2 Insightiq, Powerscale Insightiq | 2024-09-16 | 7.3 High |
| Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a File or Directories Accessible to External Parties vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to read, modify, and delete arbitrary files. | ||||
| CVE-2024-42425 | 1 Dell | 4 7920 Xl, 7920 Xl Firmware, Precision 7920 and 1 more | 2024-09-16 | 3.8 Low |
| Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2024-39583 | 1 Dell | 2 Insightiq, Powerscale Insightiq | 2024-09-16 | 8.1 High |
| Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky Cryptographic Algorithm vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2024-39580 | 1 Dell | 2 Insightiq, Powerscale Insightiq | 2024-09-16 | 6.7 Medium |
| Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2024-39582 | 1 Dell | 1 Insightiq | 2024-09-16 | 2.3 Low |
| Dell PowerScale InsightIQ, version 5.0, contains a Use of hard coded Credentials vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2024-42474 | 2 Microsoft, Snowflake | 2 Windows, Streamlit | 2024-09-16 | 6.5 Medium |
| Streamlit is a data-oriented application development framework for Python. Snowflake Streamlit open source addressed a security vulnerability via the static file sharing feature. Users of hosted Streamlit app(s) on Windows were vulnerable to a path traversal vulnerability when the static file sharing feature is enabled. An attacker could utilize the vulnerability to leak the password hash of the Windows user running Streamlit. The vulnerability was patched on Jul 25, 2024, as part of Streamlit open source version 1.37.0. The vulnerability only affects Windows. | ||||
| CVE-2024-27257 | 1 Ibm | 2 Openpages Grc Platform, Openpages With Watson | 2024-09-16 | 4.3 Medium |
| IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to unauthorized users. | ||||
| CVE-2024-44112 | 1 Sap | 1 Oil & Gas | 2024-09-16 | 4.3 Medium |
| Due to missing authorization check in SAP for Oil & Gas (Transportation and Distribution), an attacker authenticated as a non-administrative user could call a remote-enabled function which will allow them to delete non-sensitive entries in a user data table. There is no effect on confidentiality or availability. | ||||