Lucene search
K

157 matches found

CVE
CVE
added 2024/09/23 5:28 p.m.57 views

CVE-2024-0004

CVE-2024-0004 affects Pure Storage FlashArray Purity. A condition exists where a user with the array-admin role can remotely execute arbitrary commands to escalate privileges on the array. The available documents confirm the vulnerability topic and impact (remote command execution with high/criti...

9.1CVSS9.7AI score0.00647EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2024/09/23 5:27 p.m.43 views

CVE-2024-0003

CVE-2024-0003 affects Pure Storage FlashArray Purity. The issue: a malicious user could use a remote administrative service to create an account on the array, granting privileged access. Documented impact includes high confidentiality, integrity, and availability concerns with a network attack ve...

9.1CVSS9AI score0.00476EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/09/23 5:27 p.m.18 views

CVE-2024-0003

A condition exists in FlashArray Purity whereby a malicious user could use a remote administrative service to create an account on the array allowing privileged access...

9.1CVSS0.00476EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/09/23 5:27 p.m.13 views

CVE-2024-0003

A condition exists in FlashArray Purity whereby a malicious user could use a remote administrative service to create an account on the array allowing privileged access...

9.1CVSS6.8AI score0.00476EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/09/23 5:26 p.m.13 views

CVE-2024-0002

A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array...

10CVSS7.1AI score0.00497EPSS
Exploits1References1
CVE
CVE
added 2024/09/23 5:26 p.m.45 views

CVE-2024-0002

Technical details about CVE-2024-0002 are not publicly provided in the supplied documents. The entries describe a privilege-based remote access issue in FlashArray Purity but lack specifics on affected versions, vectors, or remediation.

10CVSS9.2AI score0.00497EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/09/23 5:26 p.m.22 views

CVE-2024-0002

A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array...

10CVSS0.00497EPSS
Exploits1References1
CVE
CVE
added 2024/09/23 5:25 p.m.154 views

CVE-2024-0001

FlashArray Purity contains a vulnerability where a local account intended for initial array configuration remains active, enabling potential privilege escalation. Connected sources show CVSS 3.1/10.0 (CRITICAL) with network attack vector and no user interaction; exploitation status is not detaile...

10CVSS9.3AI score0.00857EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/09/23 5:25 p.m.57 views

CVE-2024-0001

A condition exists in FlashArray Purity whereby a local account intended for initial array configuration remains active potentially allowing a malicious actor to gain elevated privileges...

10CVSS0.00857EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/09/23 12:0 a.m.7 views

PT-2024-15288 · Pure Storage · Flasharray Purity

Name of the Vulnerable Software and Affected Versions: FlashArray Purity affected versions not specified Description: A condition exists in FlashArray Purity whereby a malicious user could use a remote administrative service to create an account on the array allowing privileged access...

9.1CVSS7AI score0.00476EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/09/23 12:0 a.m.12 views

PT-2024-15289 · Pure Storage · Flasharray Purity

Name of the Vulnerable Software and Affected Versions: FlashArray Purity affected versions not specified Description: A condition exists in FlashArray Purity whereby a user with an array admin role can execute arbitrary commands remotely to escalate privilege on the array. Recommendations: At the...

9.1CVSS7.9AI score0.00647EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/09/23 12:0 a.m.9 views

PT-2024-15290 · Pure Storage · Flasharray +1

Name of the Vulnerable Software and Affected Versions: FlashArray and FlashBlade Purity affected versions not specified Description: A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely through a specifically crafted SNMP...

9.1CVSS7.7AI score0.00636EPSS
Exploits1References9
NVD
NVD
added 2024/08/18 2:15 p.m.24 views

CVE-2024-43348

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Iznyn Purity Of Soul allows Reflected XSS.This issue affects Purity Of Soul: from n/a through 1.9...

7.1CVSS0.00284EPSS
Exploits0References1
CVE
CVE
added 2024/08/18 1:15 p.m.48 views

CVE-2024-43348

CVE-2024-43348 is a reflected XSS vulnerability in the Purity Of Soul WordPress theme. The issue is described as an improper neutralization of input during web page generation, affecting Purity Of Soul versions from n/a up to 1.9. Connected records corroborate the vulnerability title and scope bu...

7.1CVSS7AI score0.00284EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/18 1:15 p.m.11 views

CVE-2024-43348 WordPress Purity Of Soul theme <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Iznyn Purity Of Soul allows Reflected XSS.This issue affects Purity Of Soul: from n/a through 1.9...

7.1CVSS7AI score0.00284EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/18 1:15 p.m.23 views

CVE-2024-43348 WordPress Purity Of Soul theme <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Iznyn Purity Of Soul allows Reflected XSS.This issue affects Purity Of Soul: from n/a through 1.9...

7.1CVSS0.00284EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/18 12:0 a.m.5 views

WordPress plugin Purity Of Soul 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress plugin Purity ...

7.1CVSS6AI score0.00284EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/08/16 2:6 p.m.4 views

WordPress Purity Of Soul theme <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by justakazh Patchstack Alliance in WordPress Theme Purity Of Soul versions = 1.9...

7.1CVSS6.1AI score0.00284EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/08/16 12:0 a.m.13 views

WordPress Purity Of Soul Theme <= 1.9 is vulnerable to Cross Site Scripting (XSS)

Software Purity Of Soul Type Theme Vulnerable versions = 1.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43348 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2e3680e055fd Credits justakazh Required privilege...

7.1CVSS6.6AI score0.00284EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/07/17 4:15 p.m.14 views

CVE-2023-4976

A flaw exists in FlashBlade whereby a local account is permitted to authenticate to the management interface using an unintended method that allows an attacker to gain privileged access to the array...

9.3CVSS0.00384EPSS
Exploits0References2
Rows per page
Query Builder