Lucene search

K

Diary & Availability Calendar Security Vulnerabilities

cve
cve

CVE-2024-33004

SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic web pages are getting cached even after logging out. On successful exploitation, the attacker can see the sensitive information through cache and can open the pages causing limited impact on...

4.3CVSS

6.6AI Score

0.0004EPSS

2024-05-14 04:17 PM
25
cve
cve

CVE-2024-32733

Due to missing input validation and output encoding of untrusted data, SAP NetWeaver Application Server ABAP and ABAP Platform allows an unauthenticated attacker to inject malicious JavaScript code into the dynamically crafted web page. On successful exploitation the attacker can access or modify.....

6.1CVSS

6.7AI Score

0.0004EPSS

2024-05-14 04:17 PM
26
nvd
nvd

CVE-2024-32733

Due to missing input validation and output encoding of untrusted data, SAP NetWeaver Application Server ABAP and ABAP Platform allows an unauthenticated attacker to inject malicious JavaScript code into the dynamically crafted web page. On successful exploitation the attacker can access or modify.....

6.1CVSS

6.3AI Score

0.0004EPSS

2024-05-14 04:17 PM
cve
cve

CVE-2024-32731

SAP My Travel Requests does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, the attacker can upload a malicious attachment to a business trip request which will lead to a low impact on the confidentiality,...

5.5CVSS

7AI Score

0.0004EPSS

2024-05-14 04:17 PM
25
nvd
nvd

CVE-2024-32731

SAP My Travel Requests does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, the attacker can upload a malicious attachment to a business trip request which will lead to a low impact on the confidentiality,...

5.5CVSS

5.7AI Score

0.0004EPSS

2024-05-14 04:17 PM
cve
cve

CVE-2024-30207

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager...

10CVSS

7AI Score

0.0004EPSS

2024-05-14 04:16 PM
29
nvd
nvd

CVE-2024-30207

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager...

10CVSS

9.4AI Score

0.0004EPSS

2024-05-14 04:16 PM
nvd
nvd

CVE-2024-28134

An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-based management access with the privileges of the currently logged in user due to cleartext transmission of sensitive information. No additional user interaction is required. The access is limited as...

7CVSS

6.8AI Score

0.001EPSS

2024-05-14 04:16 PM
cve
cve

CVE-2024-28134

An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-based management access with the privileges of the currently logged in user due to cleartext transmission of sensitive information. No additional user interaction is required. The access is limited as...

7CVSS

6.7AI Score

0.001EPSS

2024-05-14 04:16 PM
21
nvd
nvd

CVE-2024-4448

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Dual Color Header', 'Event Calendar', & 'Advanced Data Table' widgets in all versions up to, and including, 5.9.19....

6.5CVSS

6AI Score

0.001EPSS

2024-05-14 03:43 PM
cve
cve

CVE-2024-4448

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Dual Color Header', 'Event Calendar', & 'Advanced Data Table' widgets in all versions up to, and including, 5.9.19....

6.5CVSS

5.7AI Score

0.001EPSS

2024-05-14 03:43 PM
10
nvd
nvd

CVE-2024-4046

Cracking vulnerability in the OS security module Impact: Successful exploitation of this vulnerability will affect...

6.4CVSS

6.4AI Score

0.0004EPSS

2024-05-14 03:42 PM
cve
cve

CVE-2024-4046

Cracking vulnerability in the OS security module Impact: Successful exploitation of this vulnerability will affect...

6.4CVSS

6.9AI Score

0.0004EPSS

2024-05-14 03:42 PM
13
cve
cve

CVE-2024-33950

Administrator Cross Site Scripting (XSS) in Archives Calendar Widget <= 1.0.15...

5.9CVSS

6AI Score

0.0004EPSS

2024-05-14 03:38 PM
12
nvd
nvd

CVE-2024-33950

Administrator Cross Site Scripting (XSS) in Archives Calendar Widget <= 1.0.15...

5.9CVSS

5.8AI Score

0.0004EPSS

2024-05-14 03:38 PM
nvd
nvd

CVE-2024-32999

Cracking vulnerability in the OS security module Impact: Successful exploitation of this vulnerability will affect...

6.8CVSS

6.6AI Score

0.0004EPSS

2024-05-14 03:37 PM
cve
cve

CVE-2024-32998

NULL pointer access vulnerability in the clock module Impact: Successful exploitation of this vulnerability will affect...

5.9CVSS

6.8AI Score

0.0004EPSS

2024-05-14 03:37 PM
13
nvd
nvd

CVE-2024-32998

NULL pointer access vulnerability in the clock module Impact: Successful exploitation of this vulnerability will affect...

5.9CVSS

5.7AI Score

0.0004EPSS

2024-05-14 03:37 PM
cve
cve

CVE-2024-32999

Cracking vulnerability in the OS security module Impact: Successful exploitation of this vulnerability will affect...

6.8CVSS

6.9AI Score

0.0004EPSS

2024-05-14 03:37 PM
12
cve
cve

CVE-2024-32996

Privilege escalation vulnerability in the account module Impact: Successful exploitation of this vulnerability will affect...

6.2CVSS

7.1AI Score

0.0004EPSS

2024-05-14 03:37 PM
12
cve
cve

CVE-2024-32997

Race condition vulnerability in the binder driver module Impact: Successful exploitation of this vulnerability will affect...

8.4CVSS

6.8AI Score

0.0004EPSS

2024-05-14 03:37 PM
16
nvd
nvd

CVE-2024-32996

Privilege escalation vulnerability in the account module Impact: Successful exploitation of this vulnerability will affect...

6.2CVSS

6.5AI Score

0.0004EPSS

2024-05-14 03:37 PM
nvd
nvd

CVE-2024-32997

Race condition vulnerability in the binder driver module Impact: Successful exploitation of this vulnerability will affect...

8.4CVSS

8.4AI Score

0.0004EPSS

2024-05-14 03:37 PM
cve
cve

CVE-2024-32993

Out-of-bounds access vulnerability in the memory module Impact: Successful exploitation of this vulnerability will affect...

5.6CVSS

6.8AI Score

0.0004EPSS

2024-05-14 03:37 PM
16
nvd
nvd

CVE-2024-32995

Denial of service (DoS) vulnerability in the AMS module Impact: Successful exploitation of this vulnerability will affect...

6.2CVSS

6.3AI Score

0.0004EPSS

2024-05-14 03:37 PM
nvd
nvd

CVE-2024-32993

Out-of-bounds access vulnerability in the memory module Impact: Successful exploitation of this vulnerability will affect...

5.6CVSS

5.5AI Score

0.0004EPSS

2024-05-14 03:37 PM
cve
cve

CVE-2024-32995

Denial of service (DoS) vulnerability in the AMS module Impact: Successful exploitation of this vulnerability will affect...

6.2CVSS

6.8AI Score

0.0004EPSS

2024-05-14 03:37 PM
13
nvd
nvd

CVE-2024-32991

Permission verification vulnerability in the wpa_supplicant module Impact: Successful exploitation of this vulnerability will affect...

7.5CVSS

7.5AI Score

0.0004EPSS

2024-05-14 03:37 PM
cve
cve

CVE-2024-32991

Permission verification vulnerability in the wpa_supplicant module Impact: Successful exploitation of this vulnerability will affect...

7.5CVSS

6.8AI Score

0.0004EPSS

2024-05-14 03:37 PM
11
cve
cve

CVE-2024-32992

Insufficient verification vulnerability in the baseband module Impact: Successful exploitation of this vulnerability will affect...

7.5CVSS

6.8AI Score

0.0004EPSS

2024-05-14 03:37 PM
14
nvd
nvd

CVE-2024-32992

Insufficient verification vulnerability in the baseband module Impact: Successful exploitation of this vulnerability will affect...

7.5CVSS

7.5AI Score

0.0004EPSS

2024-05-14 03:37 PM
cve
cve

CVE-2024-32989

Insufficient verification vulnerability in the system sharing pop-up module Impact: Successful exploitation of this vulnerability will affect...

3.3CVSS

6.8AI Score

0.0004EPSS

2024-05-14 03:37 PM
13
nvd
nvd

CVE-2024-32990

Permission verification vulnerability in the system sharing pop-up module Impact: Successful exploitation of this vulnerability will affect...

6.1CVSS

6.2AI Score

0.0004EPSS

2024-05-14 03:37 PM
cve
cve

CVE-2024-32990

Permission verification vulnerability in the system sharing pop-up module Impact: Successful exploitation of this vulnerability will affect...

6.1CVSS

6.8AI Score

0.0004EPSS

2024-05-14 03:37 PM
12
nvd
nvd

CVE-2024-32989

Insufficient verification vulnerability in the system sharing pop-up module Impact: Successful exploitation of this vulnerability will affect...

3.3CVSS

4AI Score

0.0004EPSS

2024-05-14 03:37 PM
cve
cve

CVE-2023-52720

Race condition vulnerability in the soundtrigger module Impact: Successful exploitation of this vulnerability will affect...

4.1CVSS

6.8AI Score

0.0004EPSS

2024-05-14 02:23 PM
15
nvd
nvd

CVE-2023-52720

Race condition vulnerability in the soundtrigger module Impact: Successful exploitation of this vulnerability will affect...

4.1CVSS

4.4AI Score

0.0004EPSS

2024-05-14 02:23 PM
nvd
nvd

CVE-2023-52384

Double-free vulnerability in the RSMC module Impact: Successful exploitation of this vulnerability will affect...

4.7CVSS

4.8AI Score

0.0004EPSS

2024-05-14 02:22 PM
cve
cve

CVE-2023-52384

Double-free vulnerability in the RSMC module Impact: Successful exploitation of this vulnerability will affect...

4.7CVSS

6.8AI Score

0.0004EPSS

2024-05-14 02:22 PM
14
nvd
nvd

CVE-2023-52383

Double-free vulnerability in the RSMC module Impact: Successful exploitation of this vulnerability will affect...

4.7CVSS

4.8AI Score

0.0004EPSS

2024-05-14 02:22 PM
cve
cve

CVE-2023-52383

Double-free vulnerability in the RSMC module Impact: Successful exploitation of this vulnerability will affect...

4.7CVSS

6.8AI Score

0.0004EPSS

2024-05-14 02:22 PM
13
githubexploit
githubexploit

Exploit for CVE-2024-27804

CVE-2024-27804 bash ./build.sh ./panic.sh ```bash...

7.2AI Score

0.0004EPSS

2024-05-14 02:17 PM
246
cvelist
cvelist

CVE-2024-33494

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager...

6.5CVSS

6.6AI Score

0.0004EPSS

2024-05-14 10:02 AM
vulnrichment
vulnrichment

CVE-2024-33494

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager...

6.5CVSS

7AI Score

0.0004EPSS

2024-05-14 10:02 AM
cvelist
cvelist

CVE-2024-30207

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager...

10CVSS

9.5AI Score

0.0004EPSS

2024-05-14 10:02 AM
vulnrichment
vulnrichment

CVE-2024-30207

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager...

10CVSS

7.1AI Score

0.0004EPSS

2024-05-14 10:02 AM
rosalinux
rosalinux

Advisory ROSA-SA-2024-2420

Software: jackson-databind 2.10.0 OS: ROSA Virtualization 2.1 package_evr_string: jackson-databind-2.10.0 CVE-ID: CVE-2020-35490 BDU-ID: 2022-03804 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the org.apache.commons.dbcp2.datasources.PerUserPoolDataSource component of the Jackson-databind library.....

8.1CVSS

8.1AI Score

0.007EPSS

2024-05-14 09:30 AM
7
cvelist
cvelist

CVE-2024-28134 PHOENIX CONTACT: MitM attack gains privileges of the current logged in user in CHARX Series

An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-based management access with the privileges of the currently logged in user due to cleartext transmission of sensitive information. No additional user interaction is required. The access is limited as...

7CVSS

7AI Score

0.001EPSS

2024-05-14 08:09 AM
vulnrichment
vulnrichment

CVE-2024-28134 PHOENIX CONTACT: MitM attack gains privileges of the current logged in user in CHARX Series

An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-based management access with the privileges of the currently logged in user due to cleartext transmission of sensitive information. No additional user interaction is required. The access is limited as...

7CVSS

6.7AI Score

0.001EPSS

2024-05-14 08:09 AM
vulnrichment
vulnrichment

CVE-2024-33004 Insecure Storage vulnerability in SAP BusinessObjects Business Intelligence Platform (Webservices)

SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic web pages are getting cached even after logging out. On successful exploitation, the attacker can see the sensitive information through cache and can open the pages causing limited impact on...

4.3CVSS

6.7AI Score

0.0004EPSS

2024-05-14 04:00 AM
Total number of security vulnerabilities57573