Export limit exceeded: 10467 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10467 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-7604 | 1 Logsign | 1 Unified Secops Platform | 2024-08-23 | 7.8 High |
| Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability. This vulnerability allows local attackers to bypass authentication on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw exists within the HTTP API service, which listens on TCP port 443 by default. The issue results from the lack of proper validation of the user's license expiration date. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25029. | ||||
| CVE-2024-43401 | 1 Xwiki | 2 Xwiki, Xwiki-platform | 2024-08-21 | 9.1 Critical |
| XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A user without script/programming right can trick a user with elevated rights to edit a content with a malicious payload using a WYSIWYG editor. The user with elevated rights is not warned beforehand that they are going to edit possibly dangerous content. The payload is executed at edit time. This vulnerability has been patched in XWiki 15.10RC1. | ||||
| CVE-2024-6358 | 1 Opentext | 1 Arcsight Intelligence | 2024-08-19 | 6.3 Medium |
| Incorrect Authorization vulnerability identified in OpenText ArcSight Intelligence. | ||||
| CVE-2024-41941 | 1 Siemens | 1 Sinec Nms | 2024-08-14 | 4.3 Medium |
| A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and modify settings in the application without authorization. | ||||
| CVE-2024-41939 | 1 Siemens | 1 Sinec Nms | 2024-08-14 | 8.8 High |
| A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and elevate their privileges on the application. | ||||
| CVE-2019-9619 | 2023-11-07 | N/A | ||
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | ||||
| CVE-2019-9374 | 2023-11-07 | N/A | ||
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | ||||