The vulnerability of NVIDIA ConnectX network cards’ microprogramming software and NVIDIA BlueField data processing processor microprogramming software, related to access control deficiencies, allows attackers to gain unauthorized access to read and modify data, or cause service failures.

The vulnerability of NVIDIA ConnectX network cards’ microprogramming software and NVIDIA BlueField data processing processor microprogramming software is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access t...

The vulnerability of the Audio, Web, and Video Conferencing component of the MiCollab collaboration platform allows a perpetrator to gain unauthorized access to read, modify, or delete data.

The vulnerability of the Audio, Web, and Video Conferencing component of the MiCollab collaboration platform is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to read, modify, or delete data...

The vulnerability of the SAP NetWeaver AS ABAP software integration platform, related to deficiencies in access control, allows a perpetrator to gain read, modify, or delete access to data.

The vulnerability of the SAP NetWeaver AS ABAP software integration platform is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to gain read, modify, or delete access to data by injecting CSS code or loading a specially created malicious page...

ChanGate Property Management System SQL注入漏洞

ChanGate Property Management System is a property management system from ChanGate. The ChanGate Property Management System suffers from a SQL injection vulnerability that could allow an unauthenticated, remote attacker to inject arbitrary SQL commands to read, modify, and delete database content...

PT-2024-10341 · Fortinet · Fortirecorder

Name of the Vulnerable Software and Affected Versions: Fortinet FortiRecorder versions 7.2.0 through 7.2.1 Fortinet FortiRecorder versions prior to 7.0.4 Description: The issue is related to a path traversal vulnerability, which allows a privileged attacker to access and delete files from the...

Dell InsightIQ 安全漏洞

Dell InsightIQ is a performance monitoring and reporting tool from Dell USA. A security vulnerability exists in Dell InsightIQ that originates from a file or directory that is accessible to an outside party. An unauthenticated, remote-access attacker could use this vulnerability to read, modify,...

PT-2024-38944 · Gether Technology · 6Shr System

Name of the Vulnerable Software and Affected Versions: 6SHR system from Gether Technology affected versions not specified Description: The 6SHR system from Gether Technology does not properly validate the specific page parameter, allowing remote attackers with regular privilege to inject SQL...

mozilla: Missing permission check when creating a StreamFilter

The Mozilla Foundation Security Advisory describes this flaw as: It was possible for a web extension with minimal permissions to create a StreamFilter which could be used to read and modify the response body of requests on any site...

mozilla: Missing permission check when creating a StreamFilter

The Mozilla Foundation Security Advisory describes this flaw as: It was possible for a web extension with minimal permissions to create a StreamFilter which could be used to read and modify the response body of requests on any site...

mozilla: Missing permission check when creating a StreamFilter

The Mozilla Foundation Security Advisory describes this flaw as: It was possible for a web extension with minimal permissions to create a StreamFilter which could be used to read and modify the response body of requests on any site...

mozilla: Missing permission check when creating a StreamFilter

The Mozilla Foundation Security Advisory describes this flaw as: It was possible for a web extension with minimal permissions to create a StreamFilter which could be used to read and modify the response body of requests on any site...

CVE-2024-7202

The query functionality of WinMatrix3 Web package from Simopro Technology lacks proper validation of user input, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents...

OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0....

Siemens SIPROTEC 5 加密问题漏洞

SIPROTEC 5 devices offer a range of integrated protection, control, measurement and automation functions for substations and other applications. A weak cryptography vulnerability exists in Siemens SIPROTEC 5 devices due to affected devices supporting weak cryptography on multiple ports 443/tcp fo...

CVE-2024-31898

IBM InfoSphere Information Server 11.7 could allow an authenticated user to read or modify sensitive information by bypassing authentication using insecure direct object references. IBM X-Force ID: 288182...

The vulnerability of FortiWeb web applications’ network firewalls, related to deficiencies in authentication procedures, allows attackers to gain read, modify, or delete access to data.

The vulnerability of FortiWeb web applications’ network firewalls is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow a malicious actor to gain read, modify, or delete access to data by sending specially crafted requests...

The vulnerability of the Redmine DMSF plugin, a project and task management system, arises from incorrect restrictions on the path to the restricted catalog. This allows attackers to gain read, modify, or delete access to files.

The vulnerability of the Redmine DMSF plugin, a project and task management system, is related to an incorrect restriction on the path to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to gain read, modify, or delete access to files...

PT-2024-3982 · Unknown · Redmine Dmsf Plugin

Name of the Vulnerable Software and Affected Versions: Redmine DMSF Plugin versions prior to 3.1.4 Description: The issue is related to a path traversal vulnerability in the Redmine DMSF Plugin, which can be exploited by a remote attacker to gain read, modify, or delete access to files. This...

The vulnerability of the LOV component in terms of technical maintenance, repairs, and major overhauls of Oracle Complex Maintenance, Repair, and Overhaul systems—a system for automating business operations in Oracle E-Business Suite—allows a perpetrator to gain access to read, modify, add, or delete data.

The vulnerability of the LOV component in terms of technical maintenance, repairs, and major overhauls of Oracle system equipment exists due to insufficient verification of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to read, modify, add, ...

The vulnerability of the LOV component in terms of technical maintenance, repairs, and major overhauls of Oracle Complex Maintenance, Repair, and Overhaul systems—a system for automating business operations in Oracle E-Business Suite—allows a perpetrator to gain access to read, modify, add, or delete data.

The vulnerability of the LOV component in terms of technical maintenance, repairs, and major overhauls of Oracle system equipment exists due to insufficient verification of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to read, modify, add, ...