Lucene search
K

289 matches found

OSV
OSV
added 2024/09/04 6:15 a.m.5 views

CVE-2024-34651

Improper authorization in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access restricted data in My Files...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/04 5:32 a.m.15 views

CVE-2024-34651

Improper authorization in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access restricted data in My Files...

6.2CVSS6.6AI score0.00129EPSS
Exploits0References1
CVE
CVE
added 2024/09/04 5:32 a.m.49 views

CVE-2024-34651

Samsung My Files on Samsung Mobile devices is affected by CVE-2024-34651 due to improper authorization that allows local attackers to access restricted data. The vulnerability affects My Files prior to the SMR Sep-2024 Release 1; remediation is to apply SMR Sep-2024 Release 1 or later updates. Co...

6.2CVSS6.8AI score0.00129EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/03 12:0 a.m.7 views

PT-2024-26071 · M Files · My Files

Name of the Vulnerable Software and Affected Versions: My Files versions prior to SMR Sep-2024 Release 1 Description: The issue is related to improper authorization in My Files, allowing local attackers to access restricted data. This can be exploited by local attackers. Recommendations: For...

6.2CVSS6.9AI score0.00129EPSS
Exploits0References6
Snyk
Snyk
added 2024/08/14 12:35 p.m.1 views

Improper Authorization

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Improper Authorization via improper authorization. An attacker can gain access to restricted information by bypassing security controls without requiring user interaction...

5.3CVSS6.5AI score0.00429EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/12 12:0 a.m.2 views

PT-2024-29546 · Sap · Sap Permit To Work

Name of the Vulnerable Software and Affected Versions: SAP Permit to Work affected versions not specified Description: The issue allows an authenticated attacker to access information that would otherwise be restricted, causing low impact on the confidentiality of the application. There is no...

4.3CVSS6.8AI score0.00299EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/04/17 12:0 a.m.5 views

PT-2024-9333 · Sap · Sap Businessobjects Business Intelligence Platform

Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Business Intelligence platform affected versions not specified Description: The issue allows an attacker to access information that would otherwise be restricted under certain conditions. This has a low impact on...

5.3CVSS7.5AI score0.00309EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2024/03/25 9:33 p.m.23 views

CVE-2024-30161

A flaw was found in the qt6 package where the WebAssembly wasm component may access the network reply header due to a dangling pointer. This issue may allow an attacker to gain access to restricted data, impacting data confidentiality and integrity...

6.5CVSS7.2AI score0.00452EPSS
Exploits0References3
OSV
OSV
added 2024/03/12 1:15 a.m.2 views

CVE-2024-28163

Under certain conditions, Support Web Pages of SAP NetWeaver Process Integration PI - versions 7.50, allows an attacker to access information which would otherwise be restricted, causing low impact on Confidentiality with no impact on Integrity and Availability of the application...

5.3CVSS5.8AI score0.00446EPSS
Exploits0References2
OSV
OSV
added 2024/03/12 1:15 a.m.4 views

CVE-2024-25644

Under certain conditions SAP NetWeaver WSRM - version 7.50, allows an attacker to access information which would otherwise be restricted, causing low impact on Confidentiality with no impact on Integrity and Availability of the application...

5.3CVSS5.8AI score0.0041EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/12 12:0 a.m.4 views

SAP NetWeaver Information Disclosure Vulnerability

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. An information disclosure vulnerability exists in SAP NetWeaver that arises from allowing an attacker to access...

5.3CVSS6AI score0.0041EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/02/22 12:0 a.m.7 views

PT-2024-20770 · Unknown · Tuleap Community Edition +1

Name of the Vulnerable Software and Affected Versions: Tuleap Community Edition versions prior to 15.5.99.76 Tuleap Enterprise Edition versions prior to 15.5-4 Tuleap Enterprise Edition versions prior to 15.4-7 Description: Tuleap is an open source suite to improve management of software...

6.5CVSS7AI score0.00495EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/02/12 12:0 a.m.6 views

PT-2024-3864 · Sap · Sap Fiori App

Name of the Vulnerable Software and Affected Versions: SAP Fiori app My Overtime Request version 605 Description: The issue is related to the absence of necessary authorization checks for authenticated users, which may lead to an escalation of privileges. It is possible to manipulate the URLs of...

4.3CVSS7.3AI score0.00319EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/02/06 12:0 a.m.7 views

Tuleap Information Disclosure Vulnerability

Tuleap is an open source application lifecycle management system that facilitates agile software development, design projects, V-modeling, requirements management and IT service management. Tuleap suffers from an information disclosure vulnerability that stems from the fact that when a process...

6.5CVSS6.3AI score0.0053EPSS
Exploits0References5
OSV
OSV
added 2024/01/16 10:15 p.m.4 views

CVE-2024-20920

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the...

3.8CVSS7.3AI score0.00194EPSS
Exploits0References1
OSV
OSV
added 2024/01/09 2:15 a.m.3 views

CVE-2024-22125

Under certain conditions the Microsoft Edge browser extension SAP GUI connector for Microsoft Edge - version 1.0, allows an attacker to access highly sensitive information which would otherwise be restricted causing high impact on confidentiality...

7.5CVSS5.8AI score0.00519EPSS
Exploits0References2
OSV
OSV
added 2023/12/18 2:15 p.m.8 views

CVE-2023-3629

A flaw was found in Infinispan's REST, Cache retrieval endpoints do not properly evaluate the necessary admin permissions for the operation. This issue could allow an authenticated user to access information outside of their intended permissions...

6.5CVSS5.8AI score0.00579EPSS
Exploits0References4
OSV
OSV
added 2023/12/12 2:15 a.m.6 views

CVE-2023-49581

SAP GUI for Windows and SAP GUI for Java allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated attacker to write data to a database table. By doing so the attacker could increase...

9.4CVSS5.8AI score0.00506EPSS
Exploits0References2
OSV
OSV
added 2023/12/12 2:15 a.m.5 views

CVE-2023-49580

SAP GUI for Windows and SAP GUI for Java - versions SAPBASIS 755, SAPBASIS 756, SAPBASIS 757, SAPBASIS 758, allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated attacker to create...

7.3CVSS5.8AI score0.00478EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/11 12:0 a.m.6 views

PT-2023-31266 · Sap · Sap Gui For Windows +1

Name of the Vulnerable Software and Affected Versions: SAP GUI for Windows affected versions not specified SAP GUI for Java affected versions not specified Description: The issue allows an unauthenticated attacker to access restricted and confidential information. Additionally, it enables the...

9.4CVSS9.2AI score0.00506EPSS
Exploits0References8
Rows per page
Query Builder