π¨ CVE-2024-39584
Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.
π@cveNotify
Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot bypass and arbitrary code execution.
π@cveNotify
π¨ CVE-2024-39771
QBiC CLOUD CC-2L v1.1.30 and earlier and Safie One v1.8.2 and earlier do not properly validate certificates, which may allow a network-adjacent unauthenticated attacker to obtain and/or alter communications of the affected product via a man-in-the-middle attack.
π@cveNotify
QBiC CLOUD CC-2L v1.1.30 and earlier and Safie One v1.8.2 and earlier do not properly validate certificates, which may allow a network-adjacent unauthenticated attacker to obtain and/or alter communications of the affected product via a man-in-the-middle attack.
π@cveNotify
jvn.jp
JVN#83440451: Multiple Safie products vulnerable to improper server certificate verification
Japan Vulnerability Notes
π¨ CVE-2021-22509
A vulnerability identified in storing and reusing information in Advance Authentication. This issue can lead to leakage of sensitive data to unauthorized user. The issue affects NetIQ Advance Authentication before 6.3.5.1
π@cveNotify
A vulnerability identified in storing and reusing information in Advance Authentication. This issue can lead to leakage of sensitive data to unauthorized user. The issue affects NetIQ Advance Authentication before 6.3.5.1
π@cveNotify
π¨ CVE-2021-22529
A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server information. This issue affects NetIQ Advance Authentication version before 6.3.5.1
π@cveNotify
A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server information. This issue affects NetIQ Advance Authentication version before 6.3.5.1
π@cveNotify
π¨ CVE-2021-22530
A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1
π@cveNotify
A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1
π@cveNotify
π¨ CVE-2021-38120
A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper
handling in provided command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1.
π@cveNotify
A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper
handling in provided command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1.
π@cveNotify
π¨ CVE-2021-38121
Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices. This issue affects NetIQ Advance Authentication versions before 6.3.5.1
π@cveNotify
Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices. This issue affects NetIQ Advance Authentication versions before 6.3.5.1
π@cveNotify
π¨ CVE-2021-38122
A Cross-Site Scripting vulnerable identified in NetIQ Advance Authentication that impacts the server functionality and disclose sensitive information.
This issue affects NetIQ Advance Authentication before 6.3.5.1
π@cveNotify
A Cross-Site Scripting vulnerable identified in NetIQ Advance Authentication that impacts the server functionality and disclose sensitive information.
This issue affects NetIQ Advance Authentication before 6.3.5.1
π@cveNotify
π¨ CVE-2023-6912
Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an attacker unlimited authentication attempts, potentially compromising targeted M-Files user accounts by guessing passwords.
π@cveNotify
Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an attacker unlimited authentication attempts, potentially compromising targeted M-Files user accounts by guessing passwords.
π@cveNotify
π¨ CVE-2024-4606
Deserialization of Untrusted Data vulnerability in BdThemes Ultimate Store Kit Elementor Addons.This issue affects Ultimate Store Kit Elementor Addons: from n/a through 2.0.3.
π@cveNotify
Deserialization of Untrusted Data vulnerability in BdThemes Ultimate Store Kit Elementor Addons.This issue affects Ultimate Store Kit Elementor Addons: from n/a through 2.0.3.
π@cveNotify
Patchstack
WordPress Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder plugin <= 2.0.3 - PHP Object Injection vulnerabilityβ¦
Hand curated, verified and enriched vulnerability information by Patchstack security experts. Find all WordPress plugin, theme and core security issues.
π¨ CVE-2024-45346
A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code.
π@cveNotify
A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code.
π@cveNotify
Mi
Xiaomi Security Center
Xiaomi Product Security Center provides users and partners of Xiaomi with detailed information on the security status of our smartphones and IoT products, including product security advisories and notices, security updates and support information, and securityβ¦
π¨ CVE-2023-26321
A path traversal vulnerability exists in the Xiaomi File Manager application product(international version). The vulnerability is caused by unfiltered special characters and can be exploited by attackers to overwrite and execute code in the file.
π@cveNotify
A path traversal vulnerability exists in the Xiaomi File Manager application product(international version). The vulnerability is caused by unfiltered special characters and can be exploited by attackers to overwrite and execute code in the file.
π@cveNotify
Mi
Xiaomi Security Center
Xiaomi Product Security Center provides users and partners of Xiaomi with detailed information on the security status of our smartphones and IoT products, including product security advisories and notices, security updates and support information, and securityβ¦
π¨ CVE-2023-26322
A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code.
π@cveNotify
A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code.
π@cveNotify
Mi
Xiaomi Security Center
Xiaomi Product Security Center provides users and partners of Xiaomi with detailed information on the security status of our smartphones and IoT products, including product security advisories and notices, security updates and support information, and securityβ¦
π¨ CVE-2023-26323
A code execution vulnerability exists in the Xiaomi App market product. The vulnerability is caused by unsafe configuration and can be exploited by attackers to execute arbitrary code.
π@cveNotify
A code execution vulnerability exists in the Xiaomi App market product. The vulnerability is caused by unsafe configuration and can be exploited by attackers to execute arbitrary code.
π@cveNotify
Mi
Xiaomi Security Center
Xiaomi Product Security Center provides users and partners of Xiaomi with detailed information on the security status of our smartphones and IoT products, including product security advisories and notices, security updates and support information, and securityβ¦
π¨ CVE-2023-26324
A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code.
π@cveNotify
A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability to execute malicious code.
π@cveNotify
π¨ CVE-2023-0213
Elevation of privilege issue in M-Files Installer versions before 22.6 on Windows allows user to gain SYSTEM privileges via DLL hijacking.
π@cveNotify
Elevation of privilege issue in M-Files Installer versions before 22.6 on Windows allows user to gain SYSTEM privileges via DLL hijacking.
π@cveNotify
π¨ CVE-2023-0382
User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1
due to uncontrolled memory consumption.
π@cveNotify
User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1
due to uncontrolled memory consumption.
π@cveNotify
π¨ CVE-2023-0383
User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1
due to uncontrolled memory consumption.
π@cveNotify
User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1
due to uncontrolled memory consumption.
π@cveNotify
π¨ CVE-2023-0384
User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1
due to uncontrolled memory consumption for a scheduled job.
π@cveNotify
User-controlled operations could have allowed Denial of Service in M-Files Server before 23.4.12528.1
due to uncontrolled memory consumption for a scheduled job.
π@cveNotify
π¨ CVE-2023-2112
Desktop component service allows lateral movement between sessions in M-Files before 23.4.12455.0.
π@cveNotify
Desktop component service allows lateral movement between sessions in M-Files before 23.4.12455.0.
π@cveNotify
π¨ CVE-2023-2480
Missing access permissions checks in M-Files Client before 23.5.12598.0 (excluding 23.2 SR2 and newer) allows elevation of privilege via UI extension applications
π@cveNotify
Missing access permissions checks in M-Files Client before 23.5.12598.0 (excluding 23.2 SR2 and newer) allows elevation of privilege via UI extension applications
π@cveNotify