4565 matches found
CVE-2023-30998
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254649...
UBUNTU-CVE-2024-1816
An issue was discovered in GitLab CE/EE affecting all versions starting from 12.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows for an attacker to cause a denial of service using a crafted OpenAPI file...
PT-2024-12250 · Ibm · Ibm Security Access Manager
Name of the Vulnerable Software and Affected Versions: IBM Security Access Manager Docker versions 10.0.0.0 through 10.0.7.1 Description: The issue allows a local user to obtain root access due to improper access controls. Recommendations: For versions 10.0.0.0 through 10.0.7.1, update to a versi...
PT-2024-12719 · Ibm · Ibm Security Access Manager Docker
Name of the Vulnerable Software and Affected Versions: IBM Security Access Manager Docker versions 10.0.0.0 through 10.0.7.1 Description: The issue is related to the use of weaker than expected cryptographic algorithms, which could allow an attacker to decrypt highly sensitive information...
IBM Security Verify Access Security Vulnerability
IBM Security Verify Access (ISAM) is a service from International Business Machines (IBM) that improves user access security. The service enables secure and simple access to platforms such as web, mobile, IoT and cloud technologies through the use of risk-based access, single sign-on, integrated acce...
PT-2024-12251 · Ibm · Ibm Security Access Manager Docker
Name of the Vulnerable Software and Affected Versions: IBM Security Access Manager Docker versions 10.0.0.0 through 10.0.7.1 Description: The issue allows a local user to obtain root access due to improper access controls. Recommendations: For IBM Security Access Manager Docker versions 10.0.0.0...
LumisXP Cross-Site Scripting Vulnerability
LumisXP is a cloud-based digital experience software from Lumis Inc. which helps users gain insight into various website, blog and landing page metrics on a unified platform. A security vulnerability exists in LumisXP versions 15.0.x through 16.1.x, which stems from susceptibility to a cross-site...
PT-2024-37505 · Unknown · Lahirudanushka School Management System
Name of the Vulnerable Software and Affected Versions: lahirudanushka School Management System versions 1.0.0 through 1.0.1 Description: A critical issue was found in the Student Page component of the lahirudanushka School Management System, specifically in the file student.php. The manipulation ...
CVE-2023-38394
Missing Authorization vulnerability in Artbees JupiterX Core. This issue affects JupiterX Core: from 3.0.0 through 3.3.0...
CVE-2023-47726
IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0 through 1.10.21.0 could allow an authenticated user to execute certain arbitrary commands due to improper input validation. IBM X-Force ID: 272087...
AXIS OS Security Vulnerability
AXIS OS is an edge device operating system from Axis (Sweden). A security vulnerability exists in AXIS OS versions 5.51 through 11.9, which stems from an O3C feature that could expose sensitive traffic between the client and the server...
ai.djl.android:core (>=0.20.0 <=0.27.0), ai.djl.android:onnxruntime (>=0.20.0 <=0.27.0) +155 more potentially affected by CVE-2024-37902 via ai.djl:api (>=0.20.0 <=0.27.0)
ai.djl:api MAVEN version =0.20.0, =0.20.0, =0.20.0, =0.20.0, =0.20.0, =0.20.0, =0.20.0, =0.20.0, =0.26.0, =0.20.0, =0.20.0, =0.20.0, =0.20.0, =0.20.0, =0.27.0 and more Source cves: CVE-2024-37902 Source advisory: OSV:GHSA-W877-JFW7-46RJ...
007putra-my-bot (=1.1.1), 02strich-markdown (>=1.0.0 <=1.0.2) +8693 more potentially affected by CVE-2024-37890 via ws (>=8.0.0 <=8.17.0)
ws NPM version =8.0.0, =1.0.0, =0.0.31, =0.2.0, =1.0.53, =1.0.0, =0.2.3, =0.2.5 - 7t7t7t37t =1.0.0 - 84447xe5t8 =1.0.0 - 8wcy8cycwcu =1.0.0 - 8wyc8ywyc8c =1.0.0 - 9cwyw8bcyy8wc =1.0.0 and more Source cves: CVE-2024-37890 Source advisory: OSV:GHSA-3H5V-Q93C-6H6Q...
Deep Java Library Security Vulnerability
Deep Java Library is an open source, high-level, engine-independent deep learning Java framework from Deep Java Library Open Source. A security vulnerability exists in Deep Java Library version 0.1.0 up to and including version 0.27.0, which stems from a vulnerability that will not prevent an...
PT-2024-5310 · Ibm · Ibm Qradar Suite +1
Name of the Vulnerable Software and Affected Versions: IBM QRadar Suite Software versions 1.10.12.0 through 1.10.21.0 IBM Cloud Pak for Security versions 1.10.12.0 through 1.10.21.0 Description: The issue exists due to insufficient input validation, allowing a remote attacker to execute arbitrary...
Snipe-IT Security Breach
Snipe-IT is an open source IT asset/license management system. A security vulnerability exists in Snipe-IT versions v4.6.17 through v6.4.1, which stems from an API call that allows users to make changes to group membership to promote or demote themselves or other users...
DNSCrypt-proxy Security Vulnerability
DNSCrypt-proxy is a DNS proxy for the DNSCrypt project. A security vulnerability exists in DNSCrypt-proxy versions v2.0.0alpha9 through v2.1.5 that stems from improper privilege management. An attacker can exploit the vulnerability to elevate privileges to root by overwriting the binary...
PT-2024-27084 · Unknown · Dnscrypt-Proxy
Name of the Vulnerable Software and Affected Versions: DNSCrypt-proxy versions 2.0.0alpha9 through 2.1.5 Description: The issue is related to insecure permissions in DNSCrypt-proxy, allowing non-privileged attackers to escalate privileges to root. This can be achieved by overwriting the binary...
org.apache.submarine:submarine-all (>=0.4.0 <=0.8.0-RC0), org.apache.submarine:submarine-client (>=0.4.0 <=0.8.0-RC0) +12 more potentially affected by CVE-2024-36264 via org.apache.submarine:submarine-commons-utils (>=0.4.0 <=0.8.0)
org.apache.submarine:submarine-commons-utils MAVEN version =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.8.0, =0.4.0, =0.8.0, =0.8.0, =0.6.0, =0.8.0-RC0 Source cves: CVE-2024-36264 Source advisory: OSV:GHSA-JWCG-WV5X-VG3G...
CVE-2023-52177
Missing Authorization vulnerability in SoftLab Integrate Google Drive. This issue affects Integrate Google Drive: from n/a through 1.3.3...