Lucene search

K

Norton Antivirus, Norton AntiVirus With Backup, Norton Security, Norton Security With Backup, Norton Internet Security, Norton 360 Security Vulnerabilities

cvelist
cvelist

CVE-2024-37141

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an open redirect vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to information...

3.5CVSS

EPSS

2024-06-26 04:00 AM
cve
cve

CVE-2024-37141

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an open redirect vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to information...

3.5CVSS

6.4AI Score

EPSS

2024-06-26 04:00 AM
cve
cve

CVE-2024-37140

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an OS command injection vulnerability in an admin operation. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the system....

8.8CVSS

7.7AI Score

EPSS

2024-06-26 03:54 AM
cvelist
cvelist

CVE-2024-37140

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an OS command injection vulnerability in an admin operation. A remote low privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the system....

8.8CVSS

EPSS

2024-06-26 03:54 AM
cvelist
cvelist

CVE-2024-37139

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an Improper Control of a Resource Through its Lifetime vulnerability in an admin operation. A remote low privileged attacker could potentially exploit this vulnerability, leading to temporary resource...

6.5CVSS

EPSS

2024-06-26 03:38 AM
1
cve
cve

CVE-2024-37139

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an Improper Control of a Resource Through its Lifetime vulnerability in an admin operation. A remote low privileged attacker could potentially exploit this vulnerability, leading to temporary resource...

6.5CVSS

6.7AI Score

EPSS

2024-06-26 03:38 AM
1
cve
cve

CVE-2024-37138

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 on DDMC contain a relative path traversal vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the application sending over an unauthorized file to the...

4.1CVSS

6.7AI Score

EPSS

2024-06-26 03:24 AM
1
cvelist
cvelist

CVE-2024-37138

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 on DDMC contain a relative path traversal vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the application sending over an unauthorized file to the...

4.1CVSS

EPSS

2024-06-26 03:24 AM
2
nvd
nvd

CVE-2024-5181

A command injection vulnerability exists in the mudler/localai version 2.14.0. The vulnerability arises from the application's handling of the backend parameter in the configuration file, which is used in the name of the initialized process. An attacker can exploit this vulnerability by...

9.8CVSS

EPSS

2024-06-26 03:15 AM
1
cve
cve

CVE-2024-5181

A command injection vulnerability exists in the mudler/localai version 2.14.0. The vulnerability arises from the application's handling of the backend parameter in the configuration file, which is used in the name of the initialized process. An attacker can exploit this vulnerability by...

9.8CVSS

9.6AI Score

EPSS

2024-06-26 03:15 AM
cve
cve

CVE-2024-29176

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a buffer overflow vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to an application crash or execution of arbitrary code on the vulnerable...

8.8CVSS

7.9AI Score

EPSS

2024-06-26 03:15 AM
1
nvd
nvd

CVE-2024-29175

Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.40, LTS 7.10.1.30 contain an weak cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to man-in-the-middle attack that exposes sensitive session...

5.9CVSS

EPSS

2024-06-26 03:15 AM
1
nvd
nvd

CVE-2024-29176

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a buffer overflow vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to an application crash or execution of arbitrary code on the vulnerable...

8.8CVSS

EPSS

2024-06-26 03:15 AM
1
nvd
nvd

CVE-2024-29177

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a disclosure of temporary sensitive information vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the reuse of disclosed information to gain...

2.7CVSS

EPSS

2024-06-26 03:15 AM
1
nvd
nvd

CVE-2024-29174

Dell Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.30, LTS 7.10.1.20 contain an SQL Injection vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing...

4.4CVSS

EPSS

2024-06-26 03:15 AM
1
cve
cve

CVE-2024-29175

Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.40, LTS 7.10.1.30 contain an weak cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to man-in-the-middle attack that exposes sensitive session...

5.9CVSS

6.9AI Score

EPSS

2024-06-26 03:15 AM
1
cve
cve

CVE-2024-29174

Dell Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.30, LTS 7.10.1.20 contain an SQL Injection vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing...

4.4CVSS

8AI Score

EPSS

2024-06-26 03:15 AM
1
cve
cve

CVE-2024-29177

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a disclosure of temporary sensitive information vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the reuse of disclosed information to gain...

2.7CVSS

6.5AI Score

EPSS

2024-06-26 03:15 AM
nvd
nvd

CVE-2024-29173

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a Server-Side Request Forgery (SSRF) vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to disclosure of information on the application or remote...

6.8CVSS

EPSS

2024-06-26 03:15 AM
cve
cve

CVE-2024-29173

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a Server-Side Request Forgery (SSRF) vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to disclosure of information on the application or remote...

6.8CVSS

6.5AI Score

EPSS

2024-06-26 03:15 AM
cve
cve

CVE-2024-28973

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a Stored Cross-Site Scripting Vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted...

5.9CVSS

6AI Score

EPSS

2024-06-26 03:15 AM
1
nvd
nvd

CVE-2024-28973

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a Stored Cross-Site Scripting Vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted...

5.9CVSS

EPSS

2024-06-26 03:15 AM
1
cvelist
cvelist

CVE-2024-27867

An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8. When your headphones are seeking a connection request to one of your previously paired devices, an attacker in...

EPSS

2024-06-26 03:12 AM
1
cve
cve

CVE-2024-27867

An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8. When your headphones are seeking a connection request to one of your previously paired devices, an attacker in...

6.3AI Score

EPSS

2024-06-26 03:12 AM
cvelist
cvelist

CVE-2024-29175

Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.40, LTS 7.10.1.30 contain an weak cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to man-in-the-middle attack that exposes sensitive session...

5.9CVSS

EPSS

2024-06-26 03:03 AM
cvelist
cvelist

CVE-2024-29174

Dell Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.30, LTS 7.10.1.20 contain an SQL Injection vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database causing...

4.4CVSS

EPSS

2024-06-26 02:57 AM
cvelist
cvelist

CVE-2024-29173

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a Server-Side Request Forgery (SSRF) vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to disclosure of information on the application or remote...

6.8CVSS

EPSS

2024-06-26 02:51 AM
cvelist
cvelist

CVE-2024-29177

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a disclosure of temporary sensitive information vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the reuse of disclosed information to gain...

2.7CVSS

EPSS

2024-06-26 02:46 AM
cvelist
cvelist

CVE-2024-29176

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a buffer overflow vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to an application crash or execution of arbitrary code on the vulnerable...

8.8CVSS

EPSS

2024-06-26 02:37 AM
1
cvelist
cvelist

CVE-2024-28973

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a Stored Cross-Site Scripting Vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript codes in a trusted...

5.9CVSS

EPSS

2024-06-26 02:31 AM
1
cve
cve

CVE-2024-5173

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Video player widget settings in all versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS

5.7AI Score

EPSS

2024-06-26 02:15 AM
1
nvd
nvd

CVE-2024-5173

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Video player widget settings in all versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS

EPSS

2024-06-26 02:15 AM
cvelist
cvelist

CVE-2024-5173 HT Mega – Absolute Addons For Elementor <= 2.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Player Widget Settings

The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Video player widget settings in all versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS

EPSS

2024-06-26 02:07 AM
redhatcve
redhatcve

CVE-2024-37894

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI variables, Squid is susceptible to a Memory Corruption error. This error can lead to a Denial of Service...

6.3CVSS

7.2AI Score

EPSS

2024-06-26 01:21 AM
cve
cve

CVE-2024-24764

October is a self-hosted CMS platform based on the Laravel PHP Framework. This issue affects authenticated administrators who may be redirected to an untrusted URL using the PageFinder schema. The resolver for the page finder link schema (october://) allowed external links, therefore allowing an...

3.5CVSS

6.8AI Score

EPSS

2024-06-26 01:15 AM
2
nvd
nvd

CVE-2024-24764

October is a self-hosted CMS platform based on the Laravel PHP Framework. This issue affects authenticated administrators who may be redirected to an untrusted URL using the PageFinder schema. The resolver for the page finder link schema (october://) allowed external links, therefore allowing an...

3.5CVSS

EPSS

2024-06-26 01:15 AM
2
cve
cve

CVE-2024-35139

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

7.2AI Score

2024-06-26 12:50 AM
2
cve
cve

CVE-2024-35137

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

7.2AI Score

2024-06-26 12:50 AM
1
cve
cve

CVE-2023-38370

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

7.2AI Score

2024-06-26 12:50 AM
2
cve
cve

CVE-2023-38371

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

7.2AI Score

2024-06-26 12:50 AM
1
cve
cve

CVE-2024-35153

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

7.2AI Score

2024-06-26 12:50 AM
1
cve
cve

CVE-2023-30998

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

7.2AI Score

2024-06-26 12:50 AM
1
cve
cve

CVE-2023-38368

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

7.2AI Score

2024-06-26 12:50 AM
1
cve
cve

CVE-2024-31883

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

7.2AI Score

2024-06-26 12:50 AM
1
cve
cve

CVE-2024-31916

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

7.2AI Score

2024-06-26 12:50 AM
1
cve
cve

CVE-2023-30430

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

7.2AI Score

2024-06-26 12:50 AM
2
cve
cve

CVE-2023-30997

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be...

7.2AI Score

2024-06-26 12:50 AM
1
ibm
ibm

Security Bulletin: IBM Security Verify Access is vulnerable to multiple Security Vulnerabilities

Summary The IBM Security Verify Access Appliance and IBM Security Verify Access Container has addressed multiple vulnerabilities in release 10.0.8.0. Vulnerability Details ** CVEID: CVE-2023-38371 DESCRIPTION: **IBM Security Access Manager uses weaker than expected cryptographic algorithms that...

7.2AI Score

EPSS

2024-06-26 12:43 AM
3
ibm
ibm

Security Bulletin: IBM Security Verify Access is vulnerable to multiple Security Vulnerabilities

Summary The IBM Security Verify Access Appliance and IBM Security Verify Access Container has addressed multiple vulnerabilities in release 10.0.0.8. Vulnerability Details ** CVEID: CVE-2024-31883 DESCRIPTION: **IBM Security Verify Access, under certain configurations, could allow an...

7.5CVSS

8AI Score

EPSS

2024-06-26 12:42 AM
3
nvd
nvd

CVE-2024-4869

The WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Client-IP’ header in all versions up to, and including, 3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

7.2CVSS

EPSS

2024-06-26 12:15 AM
3
Total number of security vulnerabilities2787832