157 matches found
CVE-2024-0004
CVE-2024-0004 affects Pure Storage FlashArray Purity. A condition exists where a user with the array-admin role can remotely execute arbitrary commands to escalate privileges on the array. The available documents confirm the vulnerability topic and impact (remote command execution with high/criti...
CVE-2024-0003
CVE-2024-0003 affects Pure Storage FlashArray Purity. The issue: a malicious user could use a remote administrative service to create an account on the array, granting privileged access. Documented impact includes high confidentiality, integrity, and availability concerns with a network attack ve...
CVE-2024-0003
A condition exists in FlashArray Purity whereby a malicious user could use a remote administrative service to create an account on the array allowing privileged access...
CVE-2024-0003
A condition exists in FlashArray Purity whereby a malicious user could use a remote administrative service to create an account on the array allowing privileged access...
CVE-2024-0002
A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array...
CVE-2024-0002
Technical details about CVE-2024-0002 are not publicly provided in the supplied documents. The entries describe a privilege-based remote access issue in FlashArray Purity but lack specifics on affected versions, vectors, or remediation.
CVE-2024-0002
A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array...
CVE-2024-0001
FlashArray Purity contains a vulnerability where a local account intended for initial array configuration remains active, enabling potential privilege escalation. Connected sources show CVSS 3.1/10.0 (CRITICAL) with network attack vector and no user interaction; exploitation status is not detaile...
CVE-2024-0001
A condition exists in FlashArray Purity whereby a local account intended for initial array configuration remains active potentially allowing a malicious actor to gain elevated privileges...
PT-2024-15288 · Pure Storage · Flasharray Purity
Name of the Vulnerable Software and Affected Versions: FlashArray Purity affected versions not specified Description: A condition exists in FlashArray Purity whereby a malicious user could use a remote administrative service to create an account on the array allowing privileged access...
PT-2024-15289 · Pure Storage · Flasharray Purity
Name of the Vulnerable Software and Affected Versions: FlashArray Purity affected versions not specified Description: A condition exists in FlashArray Purity whereby a user with an array admin role can execute arbitrary commands remotely to escalate privilege on the array. Recommendations: At the...
PT-2024-15290 · Pure Storage · Flasharray +1
Name of the Vulnerable Software and Affected Versions: FlashArray and FlashBlade Purity affected versions not specified Description: A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely through a specifically crafted SNMP...
CVE-2024-43348
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Iznyn Purity Of Soul allows Reflected XSS.This issue affects Purity Of Soul: from n/a through 1.9...
CVE-2024-43348
CVE-2024-43348 is a reflected XSS vulnerability in the Purity Of Soul WordPress theme. The issue is described as an improper neutralization of input during web page generation, affecting Purity Of Soul versions from n/a up to 1.9. Connected records corroborate the vulnerability title and scope bu...
CVE-2024-43348 WordPress Purity Of Soul theme <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Iznyn Purity Of Soul allows Reflected XSS.This issue affects Purity Of Soul: from n/a through 1.9...
CVE-2024-43348 WordPress Purity Of Soul theme <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Iznyn Purity Of Soul allows Reflected XSS.This issue affects Purity Of Soul: from n/a through 1.9...
WordPress plugin Purity Of Soul 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress plugin Purity ...
WordPress Purity Of Soul theme <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by justakazh Patchstack Alliance in WordPress Theme Purity Of Soul versions = 1.9...
WordPress Purity Of Soul Theme <= 1.9 is vulnerable to Cross Site Scripting (XSS)
Software Purity Of Soul Type Theme Vulnerable versions = 1.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43348 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2e3680e055fd Credits justakazh Required privilege...
CVE-2023-4976
A flaw exists in FlashBlade whereby a local account is permitted to authenticate to the management interface using an unintended method that allows an attacker to gain privileged access to the array...