Show filters
13,160 Total Results
Displaying 591-600 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Unknown
CVE-2024-25052
Disclosure Date: June 13, 2024 (last updated August 08, 2024)
IBM Jazz Reporting Service 7.0.3 stores user credentials in plain clear text which can be read by an admin user. IBM X-Force ID: 283363.
0
Attacker Value
Unknown
CVE-2024-32860
Disclosure Date: June 13, 2024 (last updated August 17, 2024)
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
0
Attacker Value
Unknown
CVE-2024-32859
Disclosure Date: June 13, 2024 (last updated September 20, 2024)
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
0
Attacker Value
Unknown
CVE-2024-32858
Disclosure Date: June 13, 2024 (last updated September 25, 2024)
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
0
Attacker Value
Unknown
CVE-2024-32856
Disclosure Date: June 13, 2024 (last updated September 25, 2024)
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure.
0
Attacker Value
Unknown
CVE-2024-3073
Disclosure Date: June 13, 2024 (last updated July 16, 2024)
The Easy WP SMTP by SendLayer – WordPress SMTP and Email Log Plugin plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 2.3.0. This is due to plugin providing the SMTP password in the SMTP Password field when viewing the settings. This makes it possible for authenticated attackers, with administrative-level access and above, to view the SMTP password for the supplied server. Although this would not be useful for attackers in most cases, if an administrator account becomes compromised this could be useful information to an attacker in a limited environment.
0
Attacker Value
Unknown
CVE-2024-34110
Disclosure Date: June 13, 2024 (last updated July 10, 2024)
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution. A high-privilege attacker could exploit this vulnerability by uploading a malicious file to the system, which could then be executed. Exploitation of this issue does not require user interaction.
0
Attacker Value
Unknown
CVE-2024-34109
Disclosure Date: June 13, 2024 (last updated July 10, 2024)
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, but admin privileges are required.
0
Attacker Value
Unknown
CVE-2024-34108
Disclosure Date: June 13, 2024 (last updated August 07, 2024)
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, but admin privileges are required and scope is changed.
0
Attacker Value
Unknown
CVE-2024-34105
Disclosure Date: June 13, 2024 (last updated July 10, 2024)
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
0