5.4

CVSS3.1

CVE-2024-21990 - Default Privileged Account Credentials Vulnerability in ONTAP Select Deploy administration utility

ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard-coded credentials that could allow an attacker to view Deploy configuration information and modify the account credentials.

πŸ“… Published: April 17, 2024, 7:35 p.m. πŸ”„ Last Modified: Feb. 10, 2025, 7:29 p.m.

8.1

CVSS3.1

CVE-2024-21989 - Privilege Escalation Vulnerability in ONTAP Select Deploy administration utility

ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when successfully exploited could allow a read-only user to escalate their privileges.

πŸ“… Published: April 17, 2024, 7:32 p.m. πŸ”„ Last Modified: Feb. 10, 2025, 7:27 p.m.

5.7

CVSS3.1

CVE-2024-29951 - Brocade SANnav has weak encryption in internal SSH ports

Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not open to remote connection.

πŸ“… Published: April 17, 2024, 7:21 p.m. πŸ”„ Last Modified: Feb. 4, 2025, 4:01 p.m.

8.3

CVSS3.1

CVE-2024-3323 - Reflected Cross Site Scripting (XSS) vulnerability

Cross Site Scripting in UI Request/Response Validation in TIBCO JasperReports Server 8.0.4 and 8.2.0 allows allows for the injection of malicious executable scripts into the code of a trusted application that may lead to stealing the user's active session cookieΒ via sending malicious link, enti…

πŸ“… Published: April 17, 2024, 6:53 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-29950 - Brocade SANnav before v2.3.1, v2.3.0a uses weak encryption

The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa signature scheme, which has a SHA-1 hash. The vulnerability could allow a remote, unauthenticated attacker to perform a man-in-the-middle attack.

πŸ“… Published: April 17, 2024, 6:21 p.m. πŸ”„ Last Modified: Feb. 4, 2025, 3:40 p.m.

8.8

CVSS3.1

CVE-2024-3914 -

Use after free in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

πŸ“… Published: April 17, 2024, 5:27 p.m. πŸ”„ Last Modified: Feb. 13, 2025, 5:53 p.m.

8.4

CVSS3.1

CVE-2024-28073 - SolarWinds Serv-U Directory Traversal Remote Code Execution Vulnerability

SolarWinds Serv-U was found to be susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability requires a highly privileged account to be exploited.

πŸ“… Published: April 17, 2024, 4:58 p.m. πŸ”„ Last Modified: Feb. 10, 2025, 10:38 p.m.

5.9

CVSS3.1

CVE-2023-5407 -

Controller denial of service due to improper handling of a specially crafted message received by the controller. See Honeywell Security Notification for recommendations on upgrading and versioning.

πŸ“… Published: April 17, 2024, 4:49 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.9

CVSS3.1

CVE-2023-5406 -

Server communication with a controller can lead to remote code execution using a specially crafted message from the controller.Β See Honeywell Security Notification for recommendations on upgrading and versioning.

πŸ“… Published: April 17, 2024, 4:47 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.9

CVSS3.1

CVE-2023-5405 -

Server information leak for the CDA Server process memory can occur when an error is generated in response to a specially crafted message.Β See Honeywell Security Notification for recommendations on upgrading and versioning.

πŸ“… Published: April 17, 2024, 4:46 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 10227 of 34,919
Β« previous page Β» next page
Filters